CVE-2018-14082 : Entrepreneur Job Portal Script 3.0.1- Reflected,Stored XSS via Search bar

CVE-2018-14082 - Vikas Chaudhary

# Exploit Title: Entrepreneur Job Portal Script 3.0.1- has Stored XSS via Search bar and Location
# Date: 14.07.2018
# Site Title: JOB SITE (Job Portal)
# Vendor Homepage:
#Vendor Software:
# Software Link:
# Category: Web Application
# Version: 3.0.1
# Exploit Author: Vikas Chaudhary
# Contact:
# Web:
#Published On:
# Tested on: Windows 10 -Firefox ,
# CVE: CVE-2018-14082
Proof of Concept:-
1. Go to the site ( ) .
2- Click on REGISTER page (Register now) .
3- Register by giving you name ,mail and soo on…
4- Verify your mail
5- Come to side and login using your verified mail
6 -When you Loged in
In search bar (keywords, skills , Destination) paste “><svg/onload=alert(/VIKAS/)> and in location paste “><svg/onload=alert(/CHAUDHARY/)> and click on Search

7-You will have 2 popup=> /VIKAS/ and /CHAUDHARY/

Myself Vikash Chaudhary, I was interested in general knowledge since childhood, so I thought why not share my knowledge with you, that's why I created this educational blog. I am a Youtuber, Author, Blogger, Trader, Freelancer, and Security Analyst. I have experience of 7 years in Blogging and Trading. I have written 3 books which you can find on this website.Keep Loving and Supporting... Thank you.