I have had the same problem. Repeated attacks leading to file upload, leading to mail and phishing from my site. A real pain the the @$$ . . . see documented vulnerability below:http://www.exploit-db.com/exploits/12231/
Vulnerability is published for all to see. I like this component, but PLEASE update it to address security for your members!