Security Advisory: CVE-2015-5243 rediscovered: phpWhois before 5.1.0 PHP Code Injection

phpWhois and some of its forks in versions before 5.1.0 are prone to a code injection vulnerability due to insufficient sanitization of returned
WHOIS data. This allows attackers controlling the WHOIS information of a
requested domain to execute arbitrary PHP code in the context of the application.

Full security advisory: