Alot of users aren't that "up to date".
Short version: Gesior is just as safe.
Long version:
"Gesior" itself has ALOT of versions, the latest versions(that are uploaded to github) are safe.
Many people think all versions are safe, but the older versions has huge problems with SQL injections aswell as the image uploader etc.
The new one lacks a few things that the old one has, ex. the old news system(integrated to the forum now and loaded from database).
The admin panel(not like it was really used, you are better of writing your own admin panel imo)
As
@HalfAway said Znote AAC is written in a nicer way, the main reason why Gesior AAC is so messy is because it fully supports the tibia.com layout.
I got a gesior 2012 version for 1.1 that I will be releasing when its ready, most of the code has been cleaned up, fully supports bootstrap insted of the ugly tibia.com layout etc.
I don't wanna say that gesior AAC has a "nice" code, its the other way around... But the main thing I like about it is that if you want something, ex. top fraggers etc you can download them from the forum.
Since gesior uses a function for the SQL connection you don't have to worry about SQL injections when it comes to old scripts, aslong as they use this function:
Code:
$sql->query("the query");
The main thing is that no one really has "worked" on gesior AAC except
@Gesior.pl, there are alot of people who mainly just updated the database structure etc in the older versions.
If you want my honest opinion - its up to you. Either you go with Znote and either pay / wait to get the scripts / functions you want or you use Gesior and accept the ugly layout and get the scripts etc for free and simple to install.