VYPR
Unrated severityNVD Advisory· Published Jan 15, 2026· Updated Mar 5, 2026

Chikitsa Patient Management System 2.0.2 - Remote Code Execution (RCE) (Authenticated)

CVE-2021-47758

Description

Chikitsa Patient Management System 2.0.2 contains an authenticated remote code execution vulnerability that allows attackers to upload malicious PHP plugins through the module upload functionality. Authenticated attackers can generate and upload a ZIP plugin with a PHP backdoor that enables arbitrary command execution on the server through a weaponized PHP script.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Chikitsa/Chikitsallm-create
    Range: = 2.0.2
  • dharashah/Chikitsa Patient Management Systemv5
    Range: 2.0.2

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.