From 3f5cd5b92d3ea339f3d099c3fa8e65b0bc0f1533 Mon Sep 17 00:00:00 2001 From: =?utf8?q?Roland=20H=C3=A4der?= Date: Mon, 1 Apr 2019 16:43:20 +0200 Subject: [PATCH] Continued: - call_user_func(_array) does never belong into URLs, if your script requires this, please reconsider the security implications! MIME-Version: 1.0 Content-Type: text/plain; charset=utf8 Content-Transfer-Encoding: 8bit Signed-off-by: Roland Häder --- libs/lib_detector.php | 1 + 1 file changed, 1 insertion(+) diff --git a/libs/lib_detector.php b/libs/lib_detector.php index f7bde09..49d171e 100644 --- a/libs/lib_detector.php +++ b/libs/lib_detector.php @@ -101,6 +101,7 @@ function initCrackerTrackerArrays () { // PHP commands/scripts 'fopen', 'fwrite', 'phpinfo()', '\', 'base64_decode', 'file_put_contents', 'set_magic_quotes_runtime', 'set_magic_quotes_runtime', 'display_errors', 'passthru', + 'call_user_func', // Typical PHP script remote-inclusions and typical include file names '.inc.php', '.lib.php', '.class.php', 'config.php', '.inc', '_php', -- 2.39.5