Cross Site Scripting (XSS) in the «add-services.php» component of PHPGurukul Beauty Parlour Management System v1.0 allows remote attackers to execute arbitrary code by injecting arbitrary HTML into the «sername» parameter.
