CVE-2021-27544

Cross Site Scripting (XSS) in the "add-services.php" component of PHPGurukul Beauty Parlour Management System v1.0 allows remote attackers to execute arbitrary code by injecting arbitrary HTML into the "sername" parameter. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt