I want to know the list of functions which are used to evaluate strings to code. For example: in PHP we have the eval
function which evaluates a string to PHP code. Input passed into eval
without filtering could be used as remote code execution by a user/attacker.
So I'd like suggestions for additions of such functions to compile a list of commonly-used server-side programming languages? (Java, Python, PHP and Rails for a start)
Basically my use case is to do white box testing on different platforms, and I want to make sure that I am not missing any functions that could cause code execution on server side.