Hostel Management System@2.1 Security Vulnerabilities and Issues — Hostel Management System@2.1 CVE List

Lucene search

PhpgurukulHostel Management System2.1

6 matches found

CVE•added 2020/10/08 1:15 p.m.•60 views

CVE-2020-25270

PHPGurukul hostel-management-system 2.1 allows XSS via Guardian Name, Guardian Relation, Guardian Contact no, Address, or City.

5.4CVSS5.2AI score0.00211EPSS

CVE•added 2025/04/28 8:15 p.m.•44 views

CVE-2025-45953

A vulnerability was found in PHPGurukul Hostel Management System 2.1 in the /hostel/change-password.php file of the user panel - Change Password component. Improper handling of session data allows a Session Hijacking attack, exploitable remotely

9.1CVSS6.5AI score0.00057EPSS

CVE•added 2023/07/10 4:15 p.m.•38 views

CVE-2023-36376

Cross-Site Scripting (XSS) vulnerability in Hostel Management System v.2.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the add course section.

4.8CVSS4.9AI score0.0007EPSS

CVE•added 2021/12/01 8:15 p.m.•33 views

CVE-2021-43137

Cross-Site Scripting (XSS) and Cross-Site Request Forgery (CSRF) vulnerability exits in hostel management system 2.1 via the name field in my-profile.php. Chaining to this both vulnerabilities leads to account takeover.

8.8CVSS8.2AI score0.00135EPSS

CVE•added 2023/07/10 5:15 p.m.•30 views

CVE-2023-36375

Cross Site Scripting vulnerability in Hostel Management System v2.1 allows an attacker to execute arbitrary code via a crafted payload to the Guardian name, Guardian relation, complimentary address, city, permanent address, and city parameters in the Book Hostel & Room Details page.

5.4CVSS5.7AI score0.00541EPSS

CVE•added 2023/07/10 6:15 p.m.•22 views

CVE-2023-36939

Cross-Site Scripting (XSS) vulnerability in Hostel Management System v2.1 allows an attacker to execute arbitrary code via a crafted payload to the search booking field.

6.1CVSS5.8AI score0.00132EPSS