CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1CVE-2023-36939
https://notcve.org/view.php?id=CVE-2023-36939
Cross-Site Scripting (XSS) vulnerability in Hostel Management System v2.1 allows an attacker to execute arbitrary code via a crafted payload to the search booking field. • https://medium.com/%40ridheshgohil1092/cve-2023-36939-xss-online-security-guards-hiring-system-7547ee114134 https://packetstormsecurity.com • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-36376
https://notcve.org/view.php?id=CVE-2023-36376
Cross-Site Scripting (XSS) vulnerability in Hostel Management System v.2.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the add course section. • https://medium.com/%40ridheshgohil1092/cve-2023-36376-xss-on-hostel-management-system-c6891993527 https://packetstormsecurity.com • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 1CVE-2023-36375
https://notcve.org/view.php?id=CVE-2023-36375
Cross Site Scripting vulnerability in Hostel Management System v2.1 allows an attacker to execute arbitrary code via a crafted payload to the Guardian name, Guardian relation, complimentary address, city, permanent address, and city parameters in the Book Hostel & Room Details page. • https://medium.com/%40ridheshgohil1092/cve-2023-36375-xss-on-hostel-management-system-d654e6df26bc https://packetstormsecurity.com • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2021-43137
https://notcve.org/view.php?id=CVE-2021-43137
Cross-Site Scripting (XSS) and Cross-Site Request Forgery (CSRF) vulnerability exits in hostel management system 2.1 via the name field in my-profile.php. Chaining to this both vulnerabilities leads to account takeover. Una vulnerabilidad de tipo Cross-Site Scripting (XSS) y Cross-Site Request Forgery (CSRF) se presenta en hostel management system versión 2.1, por medio del campo name en el archivo my-profile.php. El encadenamiento de ambas vulnerabilidades conlleva a una toma de posesión de la cuenta • https://www.exploit-db.com/exploits/50461 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 3CVE-2020-25270 – Hostel Management System 2.1 - Cross Site Scripting (Multiple Fields)
https://notcve.org/view.php?id=CVE-2020-25270
PHPGurukul hostel-management-system 2.1 allows XSS via Guardian Name, Guardian Relation, Guardian Contact no, Address, or City. PHPGurukul hostel-management-system versión 2.1, permite un ataque de tipo XSS por medio de Guardian Name, Guardian Relation, Guardian Contact no, Address, o City Hostel Management System version 2.1 suffers from multiple cross site scripting vulnerabilities. • https://www.exploit-db.com/exploits/48905 https://github.com/Ko-kn3t/CVE-2020-25270 http://packetstormsecurity.com/files/159614/Hostel-Management-System-2.1-Cross-Site-Scripting.html https://phpgurukul.com • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •