Hello, This particular exploit was fixed in 2.0.22, which was released on the 23rd December 2006. The correct fix for this issue is contained in that release, and it is recommended that people update to 2.0.22. NeoThermic phpBB Support Team, Audit Team and Incident Investigation Team Leader.