[eluser]Bramme[/eluser]
Offcourse you'll need a pretty well secured log in, but as for the rest... I think if you protect for the basic stuff, like SQL injection and maybe some decent password hashing etc, you're good to go. Because, even if the CMS is publicly accessible, who on earth would want to hack into some hosted CMS solution website?
Don't get me wrong, I love the idea and I've been thinking of starting my own if money wasn't the issue, but those sites are mostly not really "hack worthy" :p So I don't think you have lots to fear