(CVE-2018-14082) – I found that specified PHP Scripts Mall Entrepreneur Job Portal Script 3.0.1 has XSS vulnerability via the Search bar parameter. To exploit this vulnerability, the following steps were taken.
Step 1- Go to site “ http://freelancewebdesignerchennai.com/demo/job-portal/ ” or CLICK HERE
Step 2- Click on REGISTER page (Register now) .
Step 3- Register by giving you name ,mail and soo on…
Step 4- Verify your mail
Step 5- Come to side and login using your verified mail
Step 6- When you Logged in
In serach bar (keywords, skills , Destination) paste this script “>< *svg/onload=alert(/VIKAS/)> and in location paste “>< *svg/onload=alert(/CHAUDHARY/)> and click on Search.
[ Note=> Remove * from script]
7-You will have 2 popup=> /VIKAS/ and /CHAUDHARY/