From e5d8cdb8fcb063d776d830ed546e1bf130b22316 Mon Sep 17 00:00:00 2001
From: Roland Haeder <roland@mxchange.org>
Date: Sat, 15 May 2010 07:37:33 +0000
Subject: [PATCH] This should also not be used in URLs

---
 libs/lib_detector.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/libs/lib_detector.php b/libs/lib_detector.php
index c9ea38d..9ba3432 100644
--- a/libs/lib_detector.php
+++ b/libs/lib_detector.php
@@ -67,7 +67,7 @@ function initCrackerTrackerArrays () {
 		'div style=', 'overflow: auto', 'height: 1px', 'cc%20', 'admin_action=', 'path=', 'action=http',
 		'page=http', 'module=http', 'op=http', 'id=http', 'id%3Dhttp', 'action%3Dhttp', 'page%3Dhttp',
 		'module%3Dhttp', 'op%3Dhttp', 'starhack', '../../', 'directory=http', 'dir=http', 'busca', 'uol.com',
-		'=http://', '=https://','=ftp://'
+		'=http://', '=https://','=ftp://','_SESSION'
 	);
 
 	// Block these words found in POST requests
-- 
2.39.2