sync-exec is vulnerable to information disclosure attacks. It uses a world readable tmp directory as a buffer before returning values. Since this directory is world-readable, any other user on the server is able to read the temporary files while they exist, potentially obtaining confidential information.