Hostel Management System Phpgurukul Hostel Management System

Don't miss out!

Thousands of developers use stack.watch to stay informed.
Get an email whenever new security vulnerabilities are reported in Phpgurukul Hostel Management System.

By the Year

In 2025 there have been 4 vulnerabilities in Phpgurukul Hostel Management System with an average score of 9.8 out of ten. Hostel Management System did not have any published security vulnerabilities last year. That is, 4 more vulnerabilities have already been reported in 2025 as compared to last year.




Year Vulnerabilities Average Score
2025 4 9.80
2024 0 0.00
2023 5 5.70
2022 0 0.00
2021 1 8.80
2020 2 7.60
2019 0 0.00
2018 0 0.00

It may take a day or so for new Hostel Management System vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Phpgurukul Hostel Management System Security Vulnerabilities

A vulnerability was found in PHPGurukul Hostel Management System 1.0

CVE-2025-6155 9.8 - Critical - June 17, 2025

A vulnerability was found in PHPGurukul Hostel Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /includes/login-hm.inc.php. The manipulation of the argument Username leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

SQL Injection

A vulnerability was found in PHPGurukul Hostel Management System 1.0 and classified as critical

CVE-2025-6154 9.8 - Critical - June 17, 2025

A vulnerability was found in PHPGurukul Hostel Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /includes/login.inc.php. The manipulation of the argument student_roll_no leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

SQL Injection

A vulnerability has been found in PHPGurukul Hostel Management System 1.0 and classified as critical

CVE-2025-6153 9.8 - Critical - June 17, 2025

A vulnerability has been found in PHPGurukul Hostel Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /admin/students.php. The manipulation of the argument search_box leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.

SQL Injection

A vulnerability was found in PHPGurukul Hostel Management System 2.1 in the /hostel/change-password.php file of the user panel - Change Password component

CVE-2025-45953 - April 28, 2025

A vulnerability was found in PHPGurukul Hostel Management System 2.1 in the /hostel/change-password.php file of the user panel - Change Password component. Improper handling of session data allows a Session Hijacking attack, exploitable remotely

Cross-Site Scripting (XSS) vulnerability in Hostel Management System v2.1

CVE-2023-36939 6.1 - Medium - July 10, 2023

Cross-Site Scripting (XSS) vulnerability in Hostel Management System v2.1 allows an attacker to execute arbitrary code via a crafted payload to the search booking field.

XSS

Cross Site Scripting vulnerability in Hostel Management System v2.1

CVE-2023-36375 5.4 - Medium - July 10, 2023

Cross Site Scripting vulnerability in Hostel Management System v2.1 allows an attacker to execute arbitrary code via a crafted payload to the Guardian name, Guardian relation, complimentary address, city, permanent address, and city parameters in the Book Hostel & Room Details page.

XSS

Cross-Site Scripting (XSS) vulnerability in Hostel Management System v.2.1

CVE-2023-36376 4.8 - Medium - July 10, 2023

Cross-Site Scripting (XSS) vulnerability in Hostel Management System v.2.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the add course section.

XSS

PHPgurukl Hostel Management System v.1.0 is vulnerable to Cross Site Scripting (XSS).

CVE-2023-34647 6.1 - Medium - June 28, 2023

PHPgurukl Hostel Management System v.1.0 is vulnerable to Cross Site Scripting (XSS).

XSS

PHPgurukl Hostel Management System v.1.0 is vulnerable to Cross Site Scripting (XSS)

CVE-2023-34652 6.1 - Medium - June 28, 2023

PHPgurukl Hostel Management System v.1.0 is vulnerable to Cross Site Scripting (XSS) via Add New Course.

XSS

Cross-Site Scripting (XSS) and Cross-Site Request Forgery (CSRF) vulnerability exits in hostel management system 2.1

CVE-2021-43137 8.8 - High - December 01, 2021

Cross-Site Scripting (XSS) and Cross-Site Request Forgery (CSRF) vulnerability exits in hostel management system 2.1 via the name field in my-profile.php. Chaining to this both vulnerabilities leads to account takeover.

Session Riding

PHPGurukul hostel-management-system 2.1

CVE-2020-25270 5.4 - Medium - October 08, 2020

PHPGurukul hostel-management-system 2.1 allows XSS via Guardian Name, Guardian Relation, Guardian Contact no, Address, or City.

XSS

PHPGurukul Hostel Management System v2.0

CVE-2020-5510 9.8 - Critical - January 08, 2020

PHPGurukul Hostel Management System v2.0 allows SQL injection via the id parameter in the full-profile.php file.

SQL Injection

Stay on top of Security Vulnerabilities

Want an email whenever new vulnerabilities are published for Hostelmanagementsystemproject Hostel Management System or by Phpgurukul? Click the Watch button to subscribe.

Phpgurukul
Vendor

subscribe