I've temporarily disabled the journals. The last two somewhat sucessful hacks (as well as many of the unsucessful attempts) were all made using an exploit for a weakness in the journal module of PHP-Nuke. (PHP-Nuke the software that runs the site.)
I will re-enable journals as soon as a more secure version of the journal module becomes available.
Sorry for any inconvienence. As always, comments and feedback are welcome.