Hi Joe,
You should update your Joomla to 3.4.5 and Virtuemart to VM3.0.12.. Also keep the component count as minimum as possible, and make sure they are all updated to latest... Still you might get SQL injection in the future, because Joomla itself is not a secure platform, since it is been widely used, it is tent to be hacked. It is critically important to keep the Joomla and all its extensions to be up-to-date.
We have released a new version for CleanMart to support the new VM and Joomla.. In the new version, we encrypted (obfuscated) different files (only 2 files).. Our encryptions are to cover the AJAX connection upon clicking the VALIDATE button from your server to our server. There is nothing going from our server to yours..It is 1-way connection only.. So, the malicious back-door can't be the obfuscated codes..
But that's fine, i can provide you normal versions of those encrypted files if you will feel safe. Let's do it this way:
1- Download the CleanMart from our server (i just sent an email to you that includes your unique download ink)
2- I am now emailing you 2 files (the normal version of the encrypted files) so you can overwrite them with the ones that come with CleanMart by default.
Regards.
Support