Aggregates CVE and security vulnerability intelligence across all chikitsa-related products, including CVSS, EPSS, publication dates, and vulnerability intelligence data.
Common weakness patterns include vendor risk cross-site scripting, with potential vendor impact session compromise across vendor surface production workloads and vendor surface software deployment use cases.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2021-47758 | Chikitsa Patient Management System 2.0.2 contains an authenticated remote code execution vulnerability that allows attackers to upload malicious PHP plugins through the module upload functionality. Authenticated attackers can generate and upload a ZIP plugin with a PHP backdoor that enables arbitrary command execution on the server through a weaponized PHP script. | [email protected] | 8.7 | 0.84% | 2026-01-15 | 2026-02-03 |
| CVE-2021-47757 | Chikitsa Patient Management System 2.0.2 contains an authenticated remote code execution vulnerability in the backup restoration functionality. Authenticated attackers can upload a modified backup zip file with a malicious PHP shell to execute arbitrary system commands on the server. | [email protected] | 8.7 | 0.76% | 2026-01-15 | 2026-01-23 |
| CVE-2021-42869 | A Cross Site Scripting (XSS) vulnerability exists in Chikista Patient Management Software 2.0.2 via the last_name parameter in the (1) patient/insert, (2) patient_report, (3) /appointment_report, (4) visit_report, and (5) /bill_detail_report pages. | [email protected] | 4.8 | 0.53% | 2022-03-31 | 2024-11-21 |
| CVE-2021-42868 | A Cross Site Scripting (XSS) vulnerability exists in Chikista Patient Management Software 2.0.2 in the first_name parameter in (1) patient/insert, (2) patient_report, (3) appointment_report, (4) visit_report, and (5) bill_detail_report pages. . | [email protected] | 4.8 | 0.82% | 2022-03-31 | 2024-11-21 |
| CVE-2021-38152 | index.php/appointment/insert_patient_add_appointment in Chikitsa Patient Management System 2.0.0 allows XSS. | [email protected] | 5.4 | 1.01% | 2021-08-06 | 2024-11-21 |
| CVE-2021-38151 | index.php/appointment/todos in Chikitsa Patient Management System 2.0.0 allows XSS. | [email protected] | 5.4 | 0.62% | 2021-08-06 | 2024-11-21 |
| CVE-2021-38149 | index.php/admin/add_user in Chikitsa Patient Management System 2.0.0 allows XSS. | [email protected] | 5.4 | 0.66% | 2021-08-06 | 2024-11-21 |