Vendor
Chikitsa
Products
2
CVEs
4
Across products
5
Status
Private
Products
2- 3 CVEs
- 2 CVEs
Recent CVEs
4| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2021-38152 | Med | 0.35 | 5.4 | 0.01 | Aug 6, 2021 | index.php/appointment/insert_patient_add_appointment in Chikitsa Patient Management System 2.0.0 allows XSS. | ||
| CVE-2021-38151 | Med | 0.35 | 5.4 | 0.01 | Aug 6, 2021 | index.php/appointment/todos in Chikitsa Patient Management System 2.0.0 allows XSS. | ||
| CVE-2021-47758 | 0.00 | — | 0.01 | Jan 15, 2026 | Chikitsa Patient Management System 2.0.2 contains an authenticated remote code execution vulnerability that allows attackers to upload malicious PHP plugins through the module upload functionality. Authenticated attackers can generate and upload a ZIP plugin with a PHP backdoor… | |||
| CVE-2021-47757 | 0.00 | — | 0.01 | Jan 15, 2026 | Chikitsa Patient Management System 2.0.2 contains an authenticated remote code execution vulnerability in the backup restoration functionality. Authenticated attackers can upload a modified backup zip file with a malicious PHP shell to execute arbitrary system commands on the… |
- risk 0.35cvss 5.4epss 0.01
index.php/appointment/insert_patient_add_appointment in Chikitsa Patient Management System 2.0.0 allows XSS.
- risk 0.35cvss 5.4epss 0.01
index.php/appointment/todos in Chikitsa Patient Management System 2.0.0 allows XSS.
- CVE-2021-47758Jan 15, 2026risk 0.00cvss —epss 0.01
Chikitsa Patient Management System 2.0.2 contains an authenticated remote code execution vulnerability that allows attackers to upload malicious PHP plugins through the module upload functionality. Authenticated attackers can generate and upload a ZIP plugin with a PHP backdoor…
- CVE-2021-47757Jan 15, 2026risk 0.00cvss —epss 0.01
Chikitsa Patient Management System 2.0.2 contains an authenticated remote code execution vulnerability in the backup restoration functionality. Authenticated attackers can upload a modified backup zip file with a malicious PHP shell to execute arbitrary system commands on the…