Chikitsa

chikitsa

7 CVEs • 2 products

Products (2)

Click to collapse

Toggle

Patient Management System

patient_management_system

Patient Management Software

patient_management_software

CVEs (7)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2021-47758 1Chikitsa 1Patient Management System Feb 3, 2026 Jan 15, 2026 8.7 HIGH· v4 8.8 HIGH· v3 N/A· v2 Chikitsa Patient Management System 2.0.2 contains an authenticated remote code execution vulnerability that allows attackers to upload malicious PHP plugins through the module upload functionality. Authenticated attacker...Show more Chikitsa Patient Management System 2.0.2 contains an authenticated remote code execution vulnerability that allows attackers to upload malicious PHP plugins through the module upload functionality. Authenticated attackers can generate and upload a ZIP plugin with a PHP backdoor that enables arbitrary command execution on the server through a weaponized PHP script.Show less
CVE-2021-47757 1Chikitsa 1Patient Management System Jan 23, 2026 Jan 15, 2026 8.7 HIGH· v4 8.8 HIGH· v3 N/A· v2 Chikitsa Patient Management System 2.0.2 contains an authenticated remote code execution vulnerability in the backup restoration functionality. Authenticated attackers can upload a modified backup zip file with a malicio...Show more Chikitsa Patient Management System 2.0.2 contains an authenticated remote code execution vulnerability in the backup restoration functionality. Authenticated attackers can upload a modified backup zip file with a malicious PHP shell to execute arbitrary system commands on the server.Show less
CVE-2021-42869 1Chikitsa 1Patient Management Software Nov 21, 2024 Mar 31, 2022 N/A· v4 4.8 MEDIUM· v3 3.5 LOW· v2 A Cross Site Scripting (XSS) vulnerability exists in Chikista Patient Management Software 2.0.2 via the last_name parameter in the (1) patient/insert, (2) patient_report, (3) /appointment_report, (4) visit_report, and (5...Show more A Cross Site Scripting (XSS) vulnerability exists in Chikista Patient Management Software 2.0.2 via the last_name parameter in the (1) patient/insert, (2) patient_report, (3) /appointment_report, (4) visit_report, and (5) /bill_detail_report pages.Show less
CVE-2021-42868 1Chikitsa 1Patient Management Software Nov 21, 2024 Mar 31, 2022 N/A· v4 4.8 MEDIUM· v3 3.5 LOW· v2 A Cross Site Scripting (XSS) vulnerability exists in Chikista Patient Management Software 2.0.2 in the first_name parameter in (1) patient/insert, (2) patient_report, (3) appointment_report, (4) visit_report, and (5) bil...Show more A Cross Site Scripting (XSS) vulnerability exists in Chikista Patient Management Software 2.0.2 in the first_name parameter in (1) patient/insert, (2) patient_report, (3) appointment_report, (4) visit_report, and (5) bill_detail_report pages. .Show less
CVE-2021-38152 1Chikitsa 1Patient Management System Nov 21, 2024 Aug 6, 2021 N/A· v4 5.4 MEDIUM· v3 3.5 LOW· v2 index.php/appointment/insert_patient_add_appointment in Chikitsa Patient Management System 2.0.0 allows XSS.
CVE-2021-38151 1Chikitsa 1Patient Management System Nov 21, 2024 Aug 6, 2021 N/A· v4 5.4 MEDIUM· v3 3.5 LOW· v2 index.php/appointment/todos in Chikitsa Patient Management System 2.0.0 allows XSS.
CVE-2021-38149 1Chikitsa 1Patient Management System Nov 21, 2024 Aug 6, 2021 N/A· v4 5.4 MEDIUM· v3 3.5 LOW· v2 index.php/admin/add_user in Chikitsa Patient Management System 2.0.0 allows XSS.