Multiple possibilities to execute code with no restrictiions with curl* functions.
vulners.com/securityvulns/securityvulns:doc:12888