thanks but, I already had this happen to me last week. As I dug through the logs I found out how they did it. They uploaded a .wmv file and we able to execute a php script
this one to be exact: http://netjackal.by.ru/
This will pretty much give you access to anything on your computer.
It also seems that this may be the people that are hacking the files: www.sniper-sa.com
This may be there forum: http://www.alm3refh.com/vb/
You can do whatever you want with this information. I just lost 2 months of data and hours of restoring my website because of this exploit.