I have updated the server with the latest version of PHP to plug the security hole discovered yesterday. Consequently I have restored the ability to upload files and custom Avatars again.