Definition
An RCE attack allows an attacker to execute arbitrary commands or code on the vulnerable server by exploiting a flaw in the application code that does not properly sanitize user input.
<?php
$cmd = $_GET['cmd']; // ⚠️ not sanitized
system($cmd); // command executed on the server
?>