The host is installed with PHP 5.3.12 or 5.4.2 and is prone to a security bypass vulnerability. A flaw is present in the application, which fails to properly handle proper interaction between the PHP sapi/cgi/cgi_main.c component and a query string beginning with a +- sequence. Successful exploitation could allow attackers to bypass a protection mechanism.