######################################################################################
# Exploit Title: PHP Scripts Mall website-seller Script 2.0.5 Stored and Reflected XSS.
# Date: 27.12.2018
# Exploit Author: Sukanta Beniya
# Vendor Homepage: https://www.phpscriptsmall.com/
# Software Link: https://www.phpscriptsmall.com/product/website-seller-script/
# Category: Web Application
# Version: 2.0.5
# Tested on: Windows 10
# Web: https://suku90.wordpress.com
#######################################################################################
*Proof of Concept*
For Reflected XSS:
...................
1. First Goto XSS vulnerable Website "http://www.officialwebsiteforsale.com/"
2. Goto Search field
3. Edit search field with XSS script "<script>alert("SUKANTA")</script>"
4. Than Hit Enter
5. You, Will, See The XSS popup "SUKANTA"