I don't know anyone report this:
Uploadscript is great script for share file. It is like rapidshare.com

I detect that admin password is stored in txt file and anyone can get it.

Infect: v1.0 - v1.1 - v1.2 and maybe lower.

Search google keyword: Powered by Uploadscript v1.0

Exploit: http://target/path/password.txt