Security Risk

[AceDog]

I have been using credit class gv dc v5.05, I want to upgarde.
There seems to be a security risk I have noticed in this version v5.05, I wonder if this has been fixed in the updates.

This is location of the updated version
http://www.oscommerce.com/community/...h,Gift+Voucher

The problem I found was concerning the incentive to open an account. Ie $10 gv

I sign up for 3 account and then gave the vouchers to 4th ,

the 4th account had $40 and was able to make a free purchase.

I have not tested the discount, maybe this is ok?
The % dc that is emailed is the same code everytime, does this apply to a new account only once?

Another possable security risk, If someone generated a script to grap the $10 discount codes from a site, they could then use them on a bogus account to make free purchases. do you think this is possable? its a scary thought!
Maybe they would use telnet or something, I have read there is some email risk with telnet but thats another story.
I'm a newby and using max AABox.com MS2-MAX V1.5 version.
I think credit class is great mod, but am scared of using it.
I found a way to stop the email voucher incentive But does this fix all the risks

Just an update on this. Some one said the email is sent twice, i dont thnk this is the case the 2 vouchers are sent in 1 email: hence 2 records logged in admin Vouchers/Coupons area