There are different reasons for a web site to be hacked.
You can find a list with the most common ones below:
In a case of a hacked web site you should download all the web site files on your local computer and scan them with a updated anti-virus program.
In this way you will be able to find the files that contain malicious code. Then you can edit the files and remove the lines inserted by the hackers. Also, you will find the exploits and the back-doors uploaded by the hackers. These files should be deleted.
Once you have a clean copy of the web site, delete the infected one and upload the cleaned files back to the server.
Then you should upgrade your script to the latest stable version.
Also, there are some basic security guidelines that you can follow:
Additionally, you can contact you web hosting provider. Their technical support department representatives should be able to assist you with the malicious code cleaning and the application upgrade.