A remote code execution vulnerability exists in WeBid. The vulnerability is due to the way WeBid handles injected PHP code in the includes/currencies.php script without any authentication. A remote attacker can exploit this issue by sending a specially crafted HTTP request.