Can someone please explain to me how a hacker can get in to your site through a script? Aren;t scripts necessary to make a web site run sometimes? Why would a host provider tell me that "I shouldn't have scripts" on my site? Isn't there any way to secure them?

I would google this, but frankly, I don't know what to google exactly.

some scripts are very unsecure, esspecialy if badly written.

example of things that are often unsecure include uploaders(so easy to embed PHP or whatever content in them, then use this to delete pages, or create a page that can give the hacker access to do something else), anything that makes a DB call without checking validity or running addslashes/mysql_real_encode_string

google sql injection (http://google.com/search?qsql+injection) to learn more about DB accessing hacks and this site (http://www.phpclasses.org/blog/post/67-PHP-security-exploit-with-GIF-images.html) offers a pretty good guide as to how to avoid the images flaw(not just limited PHP, almost any language is vunrable to similar flaws).

Why would a host provider tell me that "I shouldn't have scripts" on my site?Because they assume you don't know what you're doing and if you mess up then you compromise everyone using the same host computer that your site is on. The folks trying to find your oversights are very good and what they can do through the web server you are sharing is extremely dangerous.