Flaws in how Apache's suexec binary has been patched by cPanel when configured for mod_php, in conjunction with cPanel's creation of some perl scripts that are not taint clean, allow for any user to execute arbitrary code as any other user with a uid above UID_MIN.
c6f8c68995fc348495dd14264910ae5696e263da879190792db1826b49350c14
The options used by cPanel software to compile Apache 1.3.29 and PHP using the mod_phpsuexec option are flawed and allow any local user to execute arbitrary code as any other user owning a web accessible php file.
958b7c3d603a8a91d715903c8001ca9e73ed468d5964833442f8c7b9303ec0a8