Online Market Place Site 1.0 Cross Site Scripting

# Exploit Title: Online Market Place Site v1.0 - Stored Cross-Site Scripting (XSS)# Exploit Author: Joe Pollock# Date: September 03, 2022# Vendor Homepage: https://www.sourcecodester.com/php/15273/online-market-place-site-phpoop-free-source-code.html# Software Link: https://www.sourcecodester.com/sites/default/files/download/oretnom23/omps.zip# Tested on: Kali Linux, Apache, Mysql# CVE: CVE-2022-30003 (RESERVED)# Vendor: oretnom23# Version: v1.0# Exploit Description:#   Online Market Place Site v1.0 suffers from an authenticated stored Cross-Site Scripting (XSS) vulnerability allowing attackers to register#   as a Seller then create new products containing XSS payloads in the 'Product Title' and 'Short Description' fields.To reporduce:1. Sign as a Seller (or create an account) then add a product by navigating to 'Products' > 'Add New'.2. Add an XSS payload (e.g. <script>alert(1)</script>) within the 'Product Title' and/or 'Short Description' fields.3. Click 'SAVE' - the XSS payload(s) will be executed immediately or anytime the product is viewed.