PHP is a commonly used server-side scripting language used on website. When PHP is used in a CGI-based setup (such as Apache's mod_cgid), the php-cgi receives a processed query string parameter as command line arguments which allows command-line switches, such as -d, -s or -c to be passed to the php-cgi binary, which can be exploited to execute arbitrary code, disclose PHP source code and cause system crashes.