Description
This script is using the PHP function eval() on user input. If the user input is not properly validated, a remote user can supply a specially crafted input to pass arbitrary code to an eval() statement, which can result in code execution.
Remediation
Review the source code of this script and make sure user input is properly validated.
References
Related Vulnerabilities
PHP HTTP POST incorrect MIME header parsing vulnerability
Webmin v1.920 Unauhenticated Remote Command Execution
WordPress Plugin Custom Content Type Manager Remote Code Execution (0.9.8.5)
ThinkPHP v5.0.22/5.1.29 Remote Code Execution Vulnerability
WordPress Plugin WP Hotel Booking Remote Code Execution (1.10.2)