That file doesn't have any issues... It has SQL Injection code in place. My guess is that the SQL Injection holes (if any) are in hand coded sections.
Plain text passwords just means that your passwords aren't encrypted in your database.
Your friends over here at WebAssist! These Dreamweaver extensions will assist you in building unlimited, custom websites.
These out-of-the-box solutions provide you proven, tested applications that can be up and running now. Build a store, a gallery, or a web-based email solution.