If they ( VVT and iCMS ) really want to develop new version of iCMS ( without any code from CMSNET ), why do they need the corporation of hackers, to telling them the security hole ?