Heads up folks, the following Joomla extensions have been shamed at milw0rm (yes, they posted exploit code too): * Archaic Binary Gallery - directory traversal vulnerability * Kbase - SQL injection vulnerability So if you are using either, best disable them pronto, then ask questions later ;-) -- Mitch