Dharashah Chikitsa Patient Management System vulnerabilities
2 known vulnerabilities affecting dharashah/chikitsa_patient_management_system.
Total CVEs
2
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH2
Vulnerabilities
Page 1 of 1
CVE-2021-47757P2HIGHCVSS 8.8v2.0.22026-01-15
CVE-2021-47757 [HIGH] CWE-434 CVE-2021-47757: Chikitsa Patient Management System 2.0.2 contains an authenticated remote code execution vulnerabili
Chikitsa Patient Management System 2.0.2 contains an authenticated remote code execution vulnerability in the backup restoration functionality. Authenticated attackers can upload a modified backup zip file with a malicious PHP shell to execute arbitrary system commands on the server.
nvd
CVE-2021-47758P2HIGHCVSS 8.8v2.0.22026-01-15
CVE-2021-47758 [HIGH] CWE-434 CVE-2021-47758: Chikitsa Patient Management System 2.0.2 contains an authenticated remote code execution vulnerabili
Chikitsa Patient Management System 2.0.2 contains an authenticated remote code execution vulnerability that allows attackers to upload malicious PHP plugins through the module upload functionality. Authenticated attackers can generate and upload a ZIP plugin with a PHP backdoor that enables arbitrary command execution on the server through a weaponize
nvd