Anonymous comment on the OSVDB entry: http://osvdb.org/show/osvdb/64936 This script does not have security injection issues and is safe. the pages.php is not form and 0 input. There is no way to inject