I have noticed an upsurge in code injection attacks, most steming from the service here
http://yourinfo.any-request-allowed.com/The visit from yourinfo isnt the danger, but the info the ELS gets back will tell them if your susectible to any of the common code injection hack.
I suspect URLs are being mined of the likes of Forum sites by a group and they then mass test these site UELs for an openuing.