Regex file path with extension

Jvlz.php?paaqvg

Arhiva noroc plus joker

Jvlz.php?paaqvg

Cibalab rezultati sofia

Hello!I don't exactly understand how the vulnerability of injection for the $_SERVER['PHP_SELF' I've looked at multiple other threads; but what I don't understand is, since the php file is running server...