EIP-2026-107460

This is a detailed technical analysis of CVE-2015-130433, a vulnerability in the Google AdWords API PHP client library <= 6.2.0. It describes a path traversal and code execution flaw in the WSDLInterpreter class, which fails to sanitize WSDL input and validate SSL certificates, allowing arbitrary PHP code execution via MitM attacks.