>Foud By: Breeeeh & CrAzY CrAcKeR >$comma = " - "; >... >$title .= $comma.$forum['name']; >... >$comma = ", "; This code snippet sets the $comma variable to static values, so it doesn't look like the attacker can control them. >Example: > >/rss.php?...$comma=[SQL] Given the previous code snippet, how can $comma be modified from this URL? - Steve