Phpgurukul

Hostel Management System

15 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.7

CVE-2025-63611

Exploit
  • EPSS 0.04%
  • Veröffentlicht 08.01.2026 00:00:00
  • Zuletzt bearbeitet 12.01.2026 18:45:23

Cross-Site Scripting in phpgurukul Hostel Management System v2.1 user-provided complaint fields (Explain the Complaint) submitted via /register-complaint.php are stored and rendered unescaped in the admin viewer (/admin/complaint-details.php?cid=<id>...

5.4

CVE-2025-13577

  • EPSS 0.04%
  • Veröffentlicht 24.11.2025 01:32:07
  • Zuletzt bearbeitet 24.02.2026 07:16:52

A flaw has been found in PHPGurukul Hostel Management System 2.1. The impacted element is an unknown function of the file /register-complaint.php. Executing a manipulation of the argument cdetails can lead to cross site scripting. It is possible to l...

5.4

CVE-2025-28129

Exploit
  • EPSS 0.03%
  • Veröffentlicht 06.10.2025 00:00:00
  • Zuletzt bearbeitet 21.10.2025 18:40:55

Phpgurukul Hostel Management System 2.1 is vulnerable to clickjacking.

9.8

CVE-2025-6155

Exploit
  • EPSS 0.06%
  • Veröffentlicht 17.06.2025 02:31:09
  • Zuletzt bearbeitet 24.06.2025 15:53:33

A vulnerability was found in PHPGurukul Hostel Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /includes/login-hm.inc.php. The manipulation of the argument Username leads to sql injection. It is ...

9.8

CVE-2025-6154

Exploit
  • EPSS 0.06%
  • Veröffentlicht 17.06.2025 02:31:06
  • Zuletzt bearbeitet 24.06.2025 15:53:35

A vulnerability was found in PHPGurukul Hostel Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /includes/login.inc.php. The manipulation of the argument student_roll_no leads to sql injection. ...

9.8

CVE-2025-6153

Exploit
  • EPSS 0.06%
  • Veröffentlicht 17.06.2025 02:00:09
  • Zuletzt bearbeitet 24.06.2025 15:53:37

A vulnerability has been found in PHPGurukul Hostel Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /admin/students.php. The manipulation of the argument search_box leads to sql injection. The att...

9.1

CVE-2025-45953

Exploit
  • EPSS 0.29%
  • Veröffentlicht 28.04.2025 00:00:00
  • Zuletzt bearbeitet 30.04.2025 18:03:25

A vulnerability was found in PHPGurukul Hostel Management System 2.1 in the /hostel/change-password.php file of the user panel - Change Password component. Improper handling of session data allows a Session Hijacking attack, exploitable remotely

6.1

CVE-2023-36939

Exploit
  • EPSS 0.17%
  • Veröffentlicht 10.07.2023 18:15:10
  • Zuletzt bearbeitet 21.11.2024 08:10:57

Cross-Site Scripting (XSS) vulnerability in Hostel Management System v2.1 allows an attacker to execute arbitrary code via a crafted payload to the search booking field.

5.4

CVE-2023-36375

Exploit
  • EPSS 0.17%
  • Veröffentlicht 10.07.2023 17:15:09
  • Zuletzt bearbeitet 11.11.2025 18:15:33

Cross Site Scripting vulnerability in Hostel Management System v2.1 allows an attacker to execute arbitrary code via a crafted payload to the Guardian name, Guardian relation, complimentary address, city, permanent address, and city parameters in the...

4.8

CVE-2023-36376

Exploit
  • EPSS 0.08%
  • Veröffentlicht 10.07.2023 16:15:53
  • Zuletzt bearbeitet 21.11.2024 08:09:37

Cross-Site Scripting (XSS) vulnerability in Hostel Management System v.2.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the add course section.