Vulnerability Database

318,251

Total vulnerabilities in the database

CVE-2021-47758

Chikitsa Patient Management System 2.0.2 contains an authenticated remote code execution vulnerability that allows attackers to upload malicious PHP plugins through the module upload functionality. Authenticated attackers can generate and upload a ZIP plugin with a PHP backdoor that enables arbitrary command execution on the server through a weaponized PHP script.

Published: Jan 15, 2026
Updated: Jan 16, 2026
CVE: CVE-2021-47758
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 8.8
AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWEs:

CWE-434

Affected Software
References

No affected software listed.

https://github.com/sanskruti-technologies/chikitsa
https://sourceforge.net/projects/chikitsa/
https://www.chikitsa.io/
https://www.exploit-db.com/exploits/50571

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo