Unrated severityNVD Advisory· Published Jan 15, 2026· Updated Mar 5, 2026
Chikitsa Patient Management System 2.0.2 - Remote Code Execution (RCE) (Authenticated)
CVE-2021-47758
Description
Chikitsa Patient Management System 2.0.2 contains an authenticated remote code execution vulnerability that allows attackers to upload malicious PHP plugins through the module upload functionality. Authenticated attackers can generate and upload a ZIP plugin with a PHP backdoor that enables arbitrary command execution on the server through a weaponized PHP script.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- dharashah/Chikitsa Patient Management Systemv5Range: 2.0.2
Patches
Vulnerability mechanics
References
3- www.exploit-db.com/exploits/50571mitreexploit
- sourceforge.net/projects/chikitsa/mitreproduct
- www.chikitsa.iomitreproduct
News mentions
0No linked articles in our index yet.