I've been involved with over 250 websites in one capacity or another but my first site was just hacked. It is a custom CMS that I put on most sites. Not a 'customized' CMS rather one I built from scratch.
I'm trying to figure out where in the heck the vulnerability is. I'm sanitizing ALL of the inputs both from general users and administrators.
The site is on a dedicated server which I manage and the bug hasn't ended up on any other pages or sites on this server.
I'm trying to figure out how someone might be able to inject this code and put it on my index page.