All index.php and main.php files on my site have been appended with spam.
If you view http://gallery2.ca/ and view the source you will see the hidden div with some spam.
I have looked at these files and they all have the same time-stamp. Files that i even forgot about not accessible via http are effected as well.
I looked at the logs but cant seem to find anything that correlates to the time-stamps.
There is backups but I would like to get at the cause. (yes passwords have been changed)
Can another script on the same server change files?