This vulnerability is only present when the magic_quotes_gpc PHP option is 'off'.
Upgrade to version 1.7.1 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.
Vendor Specific Advisory URL
Secunia Advisory ID:28499
Generic Exploit URL: http://milw0rm.com/exploits/4924