6.1.4 hacked " dis Shell Commander "

This is the code that I found on my index.php page today.   My dolphin script has already been hacked before.. Now I have the latest version 6.1.4 and found other hackings... This is a very serious hack!.    Anyone have any info on how to secure my site?   

HTML>

<HEAD>
  <TITLE>dis Shell Commander</TITLE>
  <STYLE TYPE="text/css"><!--

    INPUT, TEXTAREA, SELECT, OPTION, TD {
        color: #BBBBBB;
        background-color: #000000;
        font-family: Terminus, Fixedsys, Fixed, Terminal, Courier New, Courier;
    }

    TEXTAREA {
        overflow-y: auto;
        border-width: 0px;
        height: 100%;
        width: 100%;
        padding: 0px;
    }

    INPUT {
        border-width: 0px;
        height: 26px;
        width: 100%;
        padding-top: 5px;
    }

    SELECT, OPTION {
        color: #000000;
        background-color: #BBBBBB;
    }

    BODY {
        overflow-y: auto;
        margin: 0;
    }

  --></STYLE>
  <SCRIPT LANGUAGE="JavaScript"><!--

hist_arr = new Array();

function parse_hist(key) {
    if (key < hist_arr.length) {
            if (key != "") {
            document.getElementById('input').value = hist_arr[key];
            document.getElementById('input').focus();
        }
    } else {
            window.location.href = "?clear_hist=1";
    }
}

function input_focus() {
    document.getElementById('input').focus();
}

function selection_to_clipboard() { // IE only!
    if (window.clipboardData && document.selection)
        window.clipboardData.setData("Text", document.selection.createRange().text);
}

if (window.clipboardData)
    document.oncontextmenu = new Function("document.getElementById('input').value = window.clipboardData.getData('Text'); input_focus(); return false");

  --></SCRIPT>
</HEAD>
<BODY onLoad="document.getElementById('output').scrollTop = document.getElementById('output').scrollHeight; input_focus()" TOPMARGIN="0" LEFTMARGIN="0">
<TABLE CELLPADDING="0" CELLSPACING="0" BORDER="0" HEIGHT="100%" WIDTH="100%">
<TR>
  <TD HEIGHT="100%" BGCOLOR="#000000" STYLE="padding-top: 5px; padding-left: 5px; padding-right: 5px; padding-bottom: 0px"><TEXTAREA ID="output" onSelect="selection_to_clipboard()" onClick="input_focus()" READONLY>Login: Link exchange information.</TEXTAREA></TD>

</TR>
<TR>
  <TD BGCOLOR="#000000"><TABLE CELLPADDING="0" CELLSPACING="5" BORDER="0" WIDTH="100%">
    <TR>
    <FORM METHOD="POST" ACTION="">
      <TD NOWRAP onClick="input_focus()"></TD>
      <TD WIDTH="100%"><INPUT ID="input" TYPE="PASSWORD" NAME="cmd"></TD>
    </FORM></TR>

  </TABLE></TD>
</TR>
</TABLE>

<SCRIPT LANGUAGE="JavaScript"><!--
document.getElementById('output').scrollTop = document.getElementById('output').scrollHeight;
--></SCRIPT>

</BODY>
</HTML>