ilkerkandemir@xxxxxxxxx wrote: > Script:Trevorchan v0.7 Fake vuln > require_once($tc_config['rootdir']."/inc/functions.php"); > require_once($tc_config['rootdir']."/inc/encryption.php"); These vars are initialized in config.php, which is require-d by the files you mention. > Exploit: Obviously, you didn't care to test them. PLEASE STOP REPORTING FAKE PHP VULNS. Stefano