Hey,
I also got hacked by those script-kiddies. I used the phpbb forum and cutenews. they got into both. I guess it has something to do with file rights... cause both of those scripts need a writable (777) file. there must have been a problem with that i guess. I doubt it was the webserver itself cause only ppl with phpbb, cutenews etc. had it.
hostlock.ch --> standard plan
edit:
seems like they always went for the config.php files which are usually being written to when you set up those scripts. so im pretty sure it has to do with the rights of a file. for some reason i think its useless trying to catch those freaks, just another lesson trying to teach you to make backups of your webserver