[tveita]

There are no systems to my knowledge where the server will compile and execute a .c file from a directory when accessed.

Yet that seems to be the default configuration for many PHP installations unless you specifically guard against it it. A common PHP vulnerability is just the user uploading a php file and then accessing it.

[ukigumo]

This is what I mean with knowing what risks your application / framework / language will bring and mitigating them accordingly.

(edited for clarity)

[sanswork]

So you're saying the issue isn't with the php it is with all interpreted languages? Then compile your php before upload.

>A common PHP vulnerability is just the user uploading a php file and then accessing it.

A common PHP vulnerability is allowing uploads to a folder where code is allowed to be executed. That isn't a fault with the language but with lazy developers and admins.