Any more info as to how/who infected your site with the sejeal.jpg and upload php code? I have seen the same thing on my site and have set all user permissions as instructed by the Joomla team, but I think they just kept posting the file into the 'tmp' folder! I am logging/reviewing activities via 'auditd'.
Reference post:
http://lime-technology.com/forum/index.php?topic=25250.msg221894#msg221894
Thanks.
Colin