ya, that seems very true. i didn't think about it, but i did such a thing last weekend. the person was using a php board not wwwthreads and i knew where the config file was and i got the login and pw. and that person used that login and pw for the database as there login and pw for the board. i used there info and made me an admin. and made some boards. wasn't nothing special, but it was done. stupidity on the webmasters part thought.
[:red]--------------
http://extremeforums.org/index
