CVE-2004-0542
CVE-2004-0542 affects PHP on Win32: PHP versions before 4.3.7 fail to filter all shell metacharacters in escapeshellcmd/escapeshellarg, enabling local or remote attackers to execute arbitrary code, overwrite files, or access internal environment variables by using characters such as “%”, “|”, or ...