Data injection and protection bypass in lc, lcfirst, uc, ucfirst functions and CGI module.
vulners.com/securityvulns/securityvulns:doc:26304
vulners.com/securityvulns/securityvulns:doc:26379