Apparently MediaWiki is using the popen() function PHP. A lot of users are on shared hosting packages. Including me. How is such a thing possible, when popen() is an actual execution command, open to abuse in the wrong hands? (See: http://stackoverflow.com/questions/3115559/exploitable-php-functions)
Maybe MediaWiki is sticking with it, maybe not. What's worse is that there's absolutely no mention of this change anywhere in the change log, which is absurd. Is there a short term solution I can use? Downgrade, force MW to use the old file upload system? Anything?
All help would be appreciated.