> FreeForum 0.9.0 <=- (index.php fpath) Remote File Include Vulnerability Bogus. You really don't know what you are doing, as others pointed out. > code : > include("$fpath/forum.php"); That variable is initialized two lines above, so this is BOGUS. Stefano