The native VFP command RUN | ! Command probably uses the same way, though I feel that sometimes the direct calling is more effective.
If a malicious user were to create an application called "Program.exe" on a system, any program that incorrectly calls WinExec using the Program Files directory will run this application instead of the intended application.
Credits: PHP (4.4.9), an HTML-embedded scripting language,
MySQL (5.1.55-log), the Open Source standard SQL database,
Version 4, freeware HTML Editor of choice. Hosted by Korax Online Inc.