I am getting this warning during an internal scan of all files by RS Firewall in:
components/com_virtuemart/helpers/vmpdf.php PHP Injection - Obfuscated function call ages/*getNumPages*/(........
I suppose this is false warning?
Using: 3.0.16
If you open the file, you will see that *getNumPages* is just a piece of disabled (commented) code.