You'll probably want to grab 6.5.4. It's possible that the one script that was found to be potentially vunerable was used. It's also verypossible that there were backdoors left from the original hack. Usually if someone gets in, they will always try and leave themselves a backdoor. Do you have access to your server error logs? If so, you can look there to see any unusual requests for clues.
As for less vulnerable software. Unfortunately this seems to happen to just about all of them from time to time. Do a quick scan of google and you'll see there's been security releases of this nature put out for just about all the major products. If there is a hole anywhere it will be found. It would be best if the hole was never there, but unfortunately it was and the only thing we can do is get a fix out prompty, which we did.
Steps are being taken in the way version 7 has been developed to help in the security area. We've been doing this long enough now that we know what the common oversights are that usually cause these problems and will be doing everything we can to preent them in the future.
