After watching a customer downloading stuff without any money hitting ccbill (he got greedy and started downloading more and more or I would not have noticed), I finally took the time to dissect the Logs to figure out exactly what he was doing.
I have figured out the exploit and can now repeat over and over. It has to do with "checkout_process.php" but exploit requires 1 successful purchase before you can use that info to steal the rest of the digital downloads. Luckily, it is just ONE guy and I am tracking him constantly now. He will soon tire of having to get a new IP (I lock him out via iptables) AND having to make a new account each time now.
I don't want to spell out the exploit or mention the site because I don't want to have to deal with 10 guys doing this :( I haven't tested this with other payment modules because I only use ccbill.
I would like to contact and work with the Author of the Module OR some other expert to get this fixed eventually. You can contact me at httptunnel at gmail if you are the Author or equivalent. Let's fix this !! Don't just contact me to ask exploit details for download fun.
Thanks
New 
