SQL Injection (Search/POST)


SQL Injection (Search/POST) is similar to (Search/GET), but the main difference is that you cannot see the searched title in the URL, so you have two options: either you can capture the request in Burp and follow the same steps as we did in (Search/GET) to enumerate the database.

More …

PHP Code Injection


PHP code injection is a vulnerability that allows an attacker to inject custom code into the server-side scripting engine. It occurs when an attacker can control all or part of an input string that is fed into an eval() function call, because eval() executes its argument as code.
As you can see, the message is shown in the URL, so we can manipulate it.

More …