Simple tool to scan a PHP code to look for potential injection vulnerabilities. Made using nikic/PHP-Parser, written in PHP.
to run: php scan.php PATH/TO/YOUR_PROJECT/
notice the trailing "/". target has to be a directory.
https://www.php.net/manual/en/intro.ds.php
https://github.com/nikic/PHP-Parser
that this tool is far from complete and false positive/negatives are quite common.