Using the attacks in this paper allows you to bypass all of PHPIDS’s rule sets, which defeats all protection PHPIDS can provide. Furthermore, on a default install of PHPIDS the log file can be used to drop a PHP backdoor. This can use PHPIDS as a vital steping stone in turning an LFI vulnerability into remote code execution. The end result is that use of PHPIDS 0.6.5 can make you less secure. All of these issues have been fixed in version 0.7.
You can download it from the following link: https://packetstormsecurity.com/files/download/104493/Bypassing-PHPIDS-0.6.5.pdf
Source: https://packetstormsecurity.com/files/104493/Bypassing-PHPIDS-0.6.5.html