Phpgurukul Hostel Management System
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Phpgurukul Hostel Management System.
By the Year
In 2025 there have been 4 vulnerabilities in Phpgurukul Hostel Management System with an average score of 9.8 out of ten. Hostel Management System did not have any published security vulnerabilities last year. That is, 4 more vulnerabilities have already been reported in 2025 as compared to last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2025 | 4 | 9.80 |
| 2024 | 0 | 0.00 |
| 2023 | 5 | 5.70 |
| 2022 | 0 | 0.00 |
| 2021 | 1 | 8.80 |
| 2020 | 2 | 7.60 |
| 2019 | 0 | 0.00 |
| 2018 | 0 | 0.00 |
It may take a day or so for new Hostel Management System vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Phpgurukul Hostel Management System Security Vulnerabilities
A vulnerability was found in PHPGurukul Hostel Management System 1.0
CVE-2025-6155
9.8 - Critical
- June 17, 2025
A vulnerability was found in PHPGurukul Hostel Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /includes/login-hm.inc.php. The manipulation of the argument Username leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
SQL Injection
A vulnerability was found in PHPGurukul Hostel Management System 1.0 and classified as critical
CVE-2025-6154
9.8 - Critical
- June 17, 2025
A vulnerability was found in PHPGurukul Hostel Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /includes/login.inc.php. The manipulation of the argument student_roll_no leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
SQL Injection
A vulnerability has been found in PHPGurukul Hostel Management System 1.0 and classified as critical
CVE-2025-6153
9.8 - Critical
- June 17, 2025
A vulnerability has been found in PHPGurukul Hostel Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /admin/students.php. The manipulation of the argument search_box leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
SQL Injection
A vulnerability was found in PHPGurukul Hostel Management System 2.1 in the /hostel/change-password.php file of the user panel - Change Password component
CVE-2025-45953
- April 28, 2025
A vulnerability was found in PHPGurukul Hostel Management System 2.1 in the /hostel/change-password.php file of the user panel - Change Password component. Improper handling of session data allows a Session Hijacking attack, exploitable remotely
Cross-Site Scripting (XSS) vulnerability in Hostel Management System v2.1
CVE-2023-36939
6.1 - Medium
- July 10, 2023
Cross-Site Scripting (XSS) vulnerability in Hostel Management System v2.1 allows an attacker to execute arbitrary code via a crafted payload to the search booking field.
XSS
Cross Site Scripting vulnerability in Hostel Management System v2.1
CVE-2023-36375
5.4 - Medium
- July 10, 2023
Cross Site Scripting vulnerability in Hostel Management System v2.1 allows an attacker to execute arbitrary code via a crafted payload to the Guardian name, Guardian relation, complimentary address, city, permanent address, and city parameters in the Book Hostel & Room Details page.
XSS
Cross-Site Scripting (XSS) vulnerability in Hostel Management System v.2.1
CVE-2023-36376
4.8 - Medium
- July 10, 2023
Cross-Site Scripting (XSS) vulnerability in Hostel Management System v.2.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the add course section.
XSS
PHPgurukl Hostel Management System v.1.0 is vulnerable to Cross Site Scripting (XSS).
CVE-2023-34647
6.1 - Medium
- June 28, 2023
PHPgurukl Hostel Management System v.1.0 is vulnerable to Cross Site Scripting (XSS).
XSS
PHPgurukl Hostel Management System v.1.0 is vulnerable to Cross Site Scripting (XSS)
CVE-2023-34652
6.1 - Medium
- June 28, 2023
PHPgurukl Hostel Management System v.1.0 is vulnerable to Cross Site Scripting (XSS) via Add New Course.
XSS
Cross-Site Scripting (XSS) and Cross-Site Request Forgery (CSRF) vulnerability exits in hostel management system 2.1
CVE-2021-43137
8.8 - High
- December 01, 2021
Cross-Site Scripting (XSS) and Cross-Site Request Forgery (CSRF) vulnerability exits in hostel management system 2.1 via the name field in my-profile.php. Chaining to this both vulnerabilities leads to account takeover.
Session Riding
PHPGurukul hostel-management-system 2.1
CVE-2020-25270
5.4 - Medium
- October 08, 2020
PHPGurukul hostel-management-system 2.1 allows XSS via Guardian Name, Guardian Relation, Guardian Contact no, Address, or City.
XSS
PHPGurukul Hostel Management System v2.0
CVE-2020-5510
9.8 - Critical
- January 08, 2020
PHPGurukul Hostel Management System v2.0 allows SQL injection via the id parameter in the full-profile.php file.
SQL Injection
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Hostelmanagementsystemproject Hostel Management System or by Phpgurukul? Click the Watch button to subscribe.
