View Single Post
Old 02-25-2009, 11:10 AM  
ScriptWorkz
Confirmed User
 
Industry Role:
Join Date: Jul 2007
Location: Intraweb
Posts: 274
Most likely, it executes whatever code is in the post variable 'x' as php, so if someone posted some malicious php code it could be pretty bad depending on how your server is configured.

I don't really see any real point in having that in there and would most likely remove it unless you know it's used for something and even then i'd find a way to replace that functionality w/o something that didn't leave such a big security hole.
ScriptWorkz is offline   Share thread on Digg Share thread on Twitter Share thread on Reddit Share thread on Facebook Reply With Quote