Hostel Management System Security Vulnerabilities and Issues — Hostel Management System CVE List

Lucene search

PhpgurukulHostel Management System

12 matches found

CVE•added 2020/10/08 1:15 p.m.•60 views

CVE-2020-25270

PHPGurukul hostel-management-system 2.1 allows XSS via Guardian Name, Guardian Relation, Guardian Contact no, Address, or City.

5.4CVSS5.2AI score0.00211EPSS

CVE•added 2025/04/28 8:15 p.m.•44 views

CVE-2025-45953

A vulnerability was found in PHPGurukul Hostel Management System 2.1 in the /hostel/change-password.php file of the user panel - Change Password component. Improper handling of session data allows a Session Hijacking attack, exploitable remotely

9.1CVSS6.5AI score0.00057EPSS

CVE•added 2020/01/08 6:15 p.m.•40 views

CVE-2020-5510

PHPGurukul Hostel Management System v2.0 allows SQL injection via the id parameter in the full-profile.php file.

10CVSS9.7AI score0.0032EPSS

CVE•added 2023/07/10 4:15 p.m.•38 views

CVE-2023-36376

Cross-Site Scripting (XSS) vulnerability in Hostel Management System v.2.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the add course section.

4.8CVSS4.9AI score0.0007EPSS

CVE•added 2021/12/01 8:15 p.m.•33 views

CVE-2021-43137

Cross-Site Scripting (XSS) and Cross-Site Request Forgery (CSRF) vulnerability exits in hostel management system 2.1 via the name field in my-profile.php. Chaining to this both vulnerabilities leads to account takeover.

8.8CVSS8.2AI score0.00135EPSS

CVE•added 2023/06/28 10:15 p.m.•30 views

CVE-2023-34647

PHPgurukl Hostel Management System v.1.0 is vulnerable to Cross Site Scripting (XSS).

6.1CVSS6.1AI score0.0021EPSS

CVE•added 2023/07/10 5:15 p.m.•30 views

CVE-2023-36375

Cross Site Scripting vulnerability in Hostel Management System v2.1 allows an attacker to execute arbitrary code via a crafted payload to the Guardian name, Guardian relation, complimentary address, city, permanent address, and city parameters in the Book Hostel & Room Details page.

5.4CVSS5.7AI score0.00541EPSS

CVE•added 2023/06/28 9:15 p.m.•24 views

CVE-2023-34652

PHPgurukl Hostel Management System v.1.0 is vulnerable to Cross Site Scripting (XSS) via Add New Course.

6.1CVSS6AI score0.00305EPSS

CVE•added 2023/07/10 6:15 p.m.•22 views

CVE-2023-36939

Cross-Site Scripting (XSS) vulnerability in Hostel Management System v2.1 allows an attacker to execute arbitrary code via a crafted payload to the search booking field.

6.1CVSS5.8AI score0.00132EPSS

CVE•added 2025/06/17 3:15 a.m.•10 views

CVE-2025-6154

A vulnerability was found in PHPGurukul Hostel Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /includes/login.inc.php. The manipulation of the argument student_roll_no leads to sql injection. The attack may be initiated remotely. The exploit...

9.8CVSS7.5AI score0.00032EPSS

CVE•added 2025/06/17 3:15 a.m.•10 views

CVE-2025-6155

A vulnerability was found in PHPGurukul Hostel Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /includes/login-hm.inc.php. The manipulation of the argument Username leads to sql injection. It is possible to launch the attack remotely. The explo...

9.8CVSS7.5AI score0.00032EPSS

CVE•added 2025/06/17 3:15 a.m.•9 views

CVE-2025-6153

A vulnerability has been found in PHPGurukul Hostel Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /admin/students.php. The manipulation of the argument search_box leads to sql injection. The attack can be initiated remotely. The exploit has be...

9.8CVSS7.5AI score0.00032EPSS