what is php code injection weakness ? Code injection is an attack that delivers a malicious code payload through a vulnerable attack vector in eval() function without any sanitization or block dangerous functions like exec(), shell_exec(), system() or passthru() Background story While hunting on a private program I like to search on custom parameters in burpsuite after finishing test…