Confusion is abounding with people scrambling to protect their sites against UNION attacks, Base64, Admin adding, etc. In spite of some of the claims of needing this or that, the simple truth is, if you have my hackalert script and Chat's security fixes up to date, you have everything that you need to ward off all known exploits, including the GPC base64 exploit and the SQL C Comments exploit. These were all published before any other scripts included them. And, they are not beta - they are production quality. So, if you are using the scripts mentioned above, you should be safe, at least for now. Of course if you know of a new exploit or an issue with those mentioned above, please contact us immediately. Please note that Sting has contributed some valuable information in the forums also.