Continued:

- call_user_func(_array) does never belong into URLs, if your script requires
  this, please reconsider the security implications!

Signed-off-by: Roland Häder <roland@mxchange.org>

diff --git a/libs/lib_detector.php b/libs/lib_detector.php
index f7bde09388f6218d30a4bd5b502ceb2b4ea35678..49d171e7f2c204b6f1f87a7a795bcfd0f59d2cd6 100644 (file)
--- a/libs/lib_detector.php
+++ b/libs/lib_detector.php
@@ -101,6 +101,7 @@ function initCrackerTrackerArrays () {
                // PHP commands/scripts
                'fopen', 'fwrite', 'phpinfo()', '\<?', '?\>', 'base64_decode', 'file_put_contents',
                'set_magic_quotes_runtime', 'set_magic_quotes_runtime', 'display_errors', 'passthru',
+               'call_user_func',
 
                // Typical PHP script remote-inclusions and typical include file names
                '.inc.php', '.lib.php', '.class.php', 'config.php', '.inc', '_php',