adjusted scoring

scan.py

@@ -202,17 +202,17 @@ scoring = {
   'ACCESS_DENIED':            (-30, u'Early block execution'),
   'JAVASCRIPT_HACK':          (50, u'Javascript'),
   'HAS_EVAL':                 (2, u'Has eval()'),
-  'HAS_EVAL_EARLY':           (10, u'Has eval() early'),
+  'HAS_EVAL_EARLY':           (9, u'Has eval() early'),
   'HAS_CALL_FUNC_EARLY':      (3, u'Has call_user_func() early'),
   'HAS_BASE64DECODE':         (2, u'Has base64_decode() or str_rot13()'),
-  'HAS_BASE64DECODE_EARLY':   (10, u'Has base64_decode() or str_rot13() early'),
+  'HAS_BASE64DECODE_EARLY':   (9, u'Has base64_decode() or str_rot13() early'),
   'HAS_MAIL':                 (1, u'Has mail()'),
   'HAS_MAIL_EARLY':           (2, u'Has mail() early'),
   'LONG_LINE':                (5, u'Has a line of more than 1000 characters'),
   'LONG_LINE_EARLY':          (8, u'Has a line of more than 1000 characters early'),
   'VERY_LONG_LINE':           (5, u'Has a line of more than 3000 characters'),
   'VERY_LONG_LINE_EARLY':     (9, u'Has a line of more than 3000 characters early'),
-  'MD5_VAR':                  (10, u'Has a MD5 encoded variable'),
+  'MD5_VAR':                  (9, u'Has a MD5 encoded variable'),
   'INCLUDE_REQUIRE':          (-2, u'Has include() or require() without http'),
   'COOKIE_FORM1':             (20, u'Has form1=@$_COOKIE'),
   'MAIL_X_HEADER':            (5, u'Has mail.add_x_header'),