@Robert. With the default settings, and a PHP version 5.3+, there is no security issue with version 0.6 or greater. However, if you disable the security by specifying an asterisk as the permitted mime type, then any file will be allowed. Also, you should never allow public, guest, users to upload files to your site. Only registered, trusted, users should have access to an uploader (any uploader).