source: https://www.securityfocus.com/bid/39315/info
TCPDF is prone to a security weakness that may allow attackers to execute arbitrary code.
An attacker can exploit this issue in conjunction with other latent vulnerabilities to execute arbitrary code with the privileges of the webserver.
Versions prior to TCPDF 4.9.006 are vulnerable.
<tcpdf method="Rect" params=");echo `id`;die(" />