Just had my whole server hacked with this code:

http://securitytracker.com/alerts/2006/Feb/1015624.html
http://www.soledadpenades.com/2006/05/28/idiots-with-nothing-to-do/

Just wanted to make sure it wasn't due to a vulnerability in the VBA CMS code. I've been using v2.1.0. I was told by our host that it could likely be our CMS.

That wouldn't have anything to do with vBa CMPS.

Okay, so you're saying there is absolutely no chance that vba cmps could be affected by this type of vulnerability. And of course vb says it's not there code. At least it's getting narrowed down.

Nope. There is no user input, or any files included based on parameters in the URL.

How about the Links script? We're using that one too.

How about the Links script? We're using that one too.Same. There are no dynamically included files like that.

Well it seems our host has pinpointed the vulnerability to this script somehow. I'll give more info once I have it. For now, I have to start moving our sites to a new server and rebuild them.

There's still no way I can think of that would be possible. If your host can actually provide some evidence or some type of additional info though please let us know.
And just out of curiosity, what exactly was done to your site when it was hacked?