Arbitrary Code Execution via Cross Site Scripting (XSS) in PHPGurukul Beauty Parlour Management System v1.0
CVE-2021-27544 · MEDIUM Severity
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
Cross Site Scripting (XSS) in the "add-services.php" component of PHPGurukul Beauty Parlour Management System v1.0 allows remote attackers to execute arbitrary code by injecting arbitrary HTML into the "sername" parameter.
Learn more about our Web Application Penetration Testing UK.