Given this piece of code:
$func = $_GET['func'];
$argument = $_GET['argument'];
if (function_exists($func) && strcasecmp($func, 'assert') !== 0) {
$result = $func($argument);
....
Is it possible to inject malicious code (for example eval) other than standard php functions given eval() is not recognized as function ?
Thx