sp.disable_function.function("system").filename("/static_pages/index.php").var("_SERVER[PHP_SELF").value_r("\"").drop().alias("XSS");
sp.disable_function.filename("include/imageobject_im.class.php").function("exec").var("CONFIG[im_options]).value_r("[^a-z0-9]").drop();