Originally Posted by gt_croz
PHP is open source, right? So one could replace the source code for unserialize() in the latest sanctioned version of PHP, and recompile it.
The only way I could see this being a security risk is if a security vulnerability was the motiviation for the PHP developers rewriting unseriailze()
phpbb is open source (i'm a co-admin/mod on a site that uses it) but vB which is vastly superior is a private one to my knowledge. I may be wrong though, but I know phpbb is completely free.