Entrepreneur Job Portal Script 3.0.1 Cross Site Scripting

`*******************************************************************************************  
# Exploit Title: Entrepreneur Job Portal Script 3.0.1- has Stored XSS via Search bar and Location   
# Date: 14.07.2018  
# Site Titel : JOB SITE (Job Portal)  
# Vendor Homepage: https://www.phpscriptsmall.com/  
#Vendor Software: https://www.phpscriptsmall.com/product/entrepreneur-job-portal-script/  
# Software Link: http://freelancewebdesignerchennai.com/demo/job-portal/   
# Category: Web Application  
# Version: 3.0.1  
# Exploit Author: Vikas Chaudhary  
# Contact: https://www.facebook.com/profile.php?id=100011287630308  
# Web: https://gkaim.com/  
#Published On: https://gkaim.com/cve-2018-14082-vikas-chaudhary/  
# Tested on: Windows 10 -Firefox ,  
# CVE: CVE-2018-14082  
*****************************************************************************************  
------------------------------------------------------ .  
Proof of Concept:-   
-------------------------------------------------------  
1. Go to the site ( http://server.com/job-portal/ ) .  
2- Click on REGISTER page (Register now) .  
3- Register by giving you name ,mail and soo on...  
4- Verify your mail  
5- Come to side and login using your verified mail  
6 -When you Loged in   
In search bar (keywords, skills , Destination) paste "><svg/onload=alert(/VIKAS/)> and in location paste "><svg/onload=alert(/CHAUDHARY/)> and click on Search  
  
7-You will have 2 popup=> /VIKAS/ and /CHAUDHARY/  
  
`