Shodan
Vulnerabilities
Vulnerable Software
Phpgurukul:  >> Hostel Management System  Security Vulnerabilities
CVE-2025-45953
A vulnerability was found in PHPGurukul Hostel Management System 2.1 in the /hostel/change-password.php file of the user panel - Change Password component. Improper handling of session data allows a Session Hijacking attack, exploitable remotely
CVSS Score
9.1
EPSS Score
0.0
Published
2025-04-28
CVE-2023-36939
Cross-Site Scripting (XSS) vulnerability in Hostel Management System v2.1 allows an attacker to execute arbitrary code via a crafted payload to the search booking field.
CVSS Score
6.1
EPSS Score
0.001
Published
2023-07-10
CVE-2023-36375
Cross Site Scripting vulnerability in Hostel Management System v2.1 allows an attacker to execute arbitrary code via a crafted payload to the Guardian name, Guardian relation, complimentary address, city, permanent address, and city parameters in the Book Hostel & Room Details page.
CVSS Score
5.4
EPSS Score
0.004
Published
2023-07-10
CVE-2023-36376
Cross-Site Scripting (XSS) vulnerability in Hostel Management System v.2.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the add course section.
CVSS Score
4.8
EPSS Score
0.001
Published
2023-07-10
CVE-2023-34647
PHPgurukl Hostel Management System v.1.0 is vulnerable to Cross Site Scripting (XSS).
CVSS Score
6.1
EPSS Score
0.002
Published
2023-06-28
CVE-2023-34652
PHPgurukl Hostel Management System v.1.0 is vulnerable to Cross Site Scripting (XSS) via Add New Course.
CVSS Score
6.1
EPSS Score
0.003
Published
2023-06-28
CVE-2021-43137
Cross-Site Scripting (XSS) and Cross-Site Request Forgery (CSRF) vulnerability exits in hostel management system 2.1 via the name field in my-profile.php. Chaining to this both vulnerabilities leads to account takeover.
CVSS Score
8.8
EPSS Score
0.001
Published
2021-12-01
CVE-2020-25270
PHPGurukul hostel-management-system 2.1 allows XSS via Guardian Name, Guardian Relation, Guardian Contact no, Address, or City.
CVSS Score
5.4
EPSS Score
0.002
Published
2020-10-08
CVE-2020-5510
PHPGurukul Hostel Management System v2.0 allows SQL injection via the id parameter in the full-profile.php file.
CVSS Score
9.8
EPSS Score
0.003
Published
2020-01-08


Products
Pricing
Contact Us

Shodan ® - All rights reserved