From the report:
"twlc security divison
Php nuke BUGGED.
LucisFero and supergate
This time the bug is really dangerous...it allows you to 'cp' any file on
the box... or even upload files...
all the versions ARE vulnerable
except '5.0 RC1' (i wonder why a released c. is ok while the final 5.2 is