This indicates an attempt to exploit a remote code execution vulnerability in PHP.
The vulnerability may allow attackers to execute arbitrary code on remote systems by including PHP sequences in some parameters.
Any website that runs any PHP software which allows remote code execution is vulnerable.
System compromise: remote PHP code execution.
If a FortiGate with FortiOS 2.80 or above is used, select "drop" as the default action for the signature.