I had a client get his site hacked thru an insecure version of phpautomembersarea today, here's how they found it:

http://www.google.com/search?q=inurl...=&start=0&sa=N

if you are running this script, make sure its secured / updated!!!

cheers,
Luke