Phpgurukul Hostel Management System — known CVE vulnerabilities
Every CVE whose affected-product data names Phpgurukul Hostel Management System, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (15)
CVE-2020-5510 — CVSS 9.8 (critical): PHPGurukul Hostel Management System v2.0 allows SQL injection via the id parameter in the full-profile.php file.
CVE-2025-45953 — CVSS 9.1 (critical): A vulnerability was found in PHPGurukul Hostel Management System 2.1 in the /hostel/change-password.php file of the user panel - Change…
CVE-2021-43137 — CVSS 8.8 (high): Cross-Site Scripting (XSS) and Cross-Site Request Forgery (CSRF) vulnerability exits in hostel management system 2.1 via the name field in…
CVE-2025-63611 — CVSS 8.7 (high): Cross-Site Scripting in phpgurukul Hostel Management System v2.1 user-provided complaint fields (Explain the Complaint) submitted via…
CVE-2025-6153 — CVSS 7.3 (high): A vulnerability has been found in PHPGurukul Hostel Management System 1.0 and classified as critical. This vulnerability affects unknown…
CVE-2025-6154 — CVSS 7.3 (high): A vulnerability was found in PHPGurukul Hostel Management System 1.0 and classified as critical. This issue affects some unknown processing…
CVE-2025-6155 — CVSS 7.3 (high): A vulnerability was found in PHPGurukul Hostel Management System 1.0. It has been classified as critical. Affected is an unknown function…
CVE-2023-36939 — CVSS 6.1 (medium): Cross-Site Scripting (XSS) vulnerability in Hostel Management System v2.1 allows an attacker to execute arbitrary code via a crafted…
CVE-2020-25270 — CVSS 5.4 (medium): PHPGurukul hostel-management-system 2.1 allows XSS via Guardian Name, Guardian Relation, Guardian Contact no, Address, or City.
CVE-2023-36375 — CVSS 5.4 (medium): Cross Site Scripting vulnerability in Hostel Management System v2.1 allows an attacker to execute arbitrary code via a crafted payload to…
CVE-2023-36376 — CVSS 4.8 (medium): Cross-Site Scripting (XSS) vulnerability in Hostel Management System v.2.1 allows attackers to execute arbitrary web scripts or HTML via a…
CVE-2025-13577 — CVSS 3.5 (low): A flaw has been found in PHPGurukul Hostel Management System 2.1. The impacted element is an unknown function of the file…