mmbench - 7:52 pm on May 27, 2008 (gmt 0)
I saw this problem beginning on Friday 5/23. I've cleaned everything up and verified the code. However - any tips for finding the injection in the web log files? I've looked at every active web server we have and can't find anything.