Aria-Security Team httP://Aria-Security.Net -------------------------- ABI Version 3.7.9.17 Remote SQL Injection The forget password section at LostPwd.asp? has the vulnerability to run SQL query and give the attacker the information neeeded. The-0utl4w (Credits goes to Aria-Security)