It sure looks like there is a security hole in those servers, perhaps it's a bug on some web software running in them (Wordpress, Joomla, phpMyAdmin...) which allows the attacker to modify files writable by the web server.
Review the last modified date of the affected files and then search for that time in your web server logs, it might give you a hint of what's going on. cheers, /imv On Thu, Feb 12, 2009 at 3:40 PM, Szymek Przybył <apocalyp...@gmail.com>wrote: > I think that isn't a server fault - this code was appeared on two my sites, > one of my client (on the same hosting which I used - szybki-serwer.pl) and > on site of my client on the other server (home.pl). > > cheers! > szymek > > > _______________________________________________ > PHPTAL mailing list > PHPTAL@lists.motion-twin.com > http://lists.motion-twin.com/mailman/listinfo/phptal >
_______________________________________________ PHPTAL mailing list PHPTAL@lists.motion-twin.com http://lists.motion-twin.com/mailman/listinfo/phptal