The underlying issue affects and 5.x versions before 5.6.3 . The Flaw Mechanics
Using curl :
An attacker can send a POST request to this file containing malicious PHP code. Since the script executes whatever it receives, the attacker gains the ability to run commands on the server. The underlying issue affects and 5