Please if possible - upgrade your installation to the most current release (1.2.8 at the moment). There all known leaks are closed and the security concept phpwcms is much better.
Many of these concepts could applied to older releases too. But it's work and hard to find time doing so. So it is not planned to build security fixes for older releases without sponsorship. If you are not willing to upgrade you have to be careful with your installation because of possible bugs which allows somebody from outside to inject your installation of phpwcms, compromise your server system and database or send spam emails.
From now on I will release information regarding such leaks here.
You can donate for a secure release 1.1-RC4 - 300 EUR neccessary in total.