I'm not aware of PHPBB3 ever having these security problems. My personal opinion is that PHPBB3 is the best out of the free forums software. The only issue id that it doesn't have a plugin interface like with wordpress for example. Modifications can conflict more easily with it's easymod installation system.
But phpbb also lets you auto-update and auto-merge the modifications on the new files.
Yes, it is commercial and from I've read, worth it. I don't believe Canonical would use it for the Ubuntu forums if there was an open source package that was as good. It's also used by WebHostingTalk, one of the biggest web host forums.
PHPBB is free, open source and is used on warez-bb.org, the biggest warez forum and probably the most attacked forum on the whole internet. Ofcourse i suspect they have a good security team taking care of warez-bb.
Our users have posted a total of 38723335 articles | We have 2641227 registered users
Most users ever online was 8594
In total there are 4240 users online :: 3440 Registered, 89 Hidden and about 711 Guests
^^ and it can handle heavy traffic, as the stats show.