Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
attackerkbAttackerKBAKB:D274924A-0697-4AF3-869A-34844FC6CD0E
HistoryAug 09, 2021 - 12:00 a.m.

CVE-2021-38152

2021-08-0900:00:00
attackerkb.com
31
JSON

CVE-mitre:index.php/appointment/insert_patient_add_appointment in Chikitsa Patient Management System 2.0.0 allows XSS.
nu11secur1ty: XSS-Stored – Brutal PWNED on Chikitsa 2.0.0 parameter “name” + User: Unrestricted File Upload “.php”

Recent assessments:

nu11secur1ty at August 09, 2021 1:20pm UTC reported:

CVE-mitre:index.php/appointment/insert_patient_add_appointment in Chikitsa Patient Management System 2.0.0 allows XSS.
nu11secur1ty: XSS-Stored – Brutal PWNED on Chikitsa 2.0.0 parameter “name” + User: Unrestricted File Upload “.php”

Reproduce:

<https://github.com/nu11secur1ty/CVE-mitre/tree/main/CVE-2021-38152&gt;

Proof:

<https://streamable.com/wbo5c1&gt;

Assessed Attacker Value: 3
Assessed Attacker Value: 3Assessed Attacker Value: 5

Related

cve 1
prion 1
packetstorm 1
cve
cve
CVE-2021-38152
2021-08-06 12:15:00
prion
prion
Cross site scripting
2021-08-06 12:15:00
packetstorm
packetstorm
Chikitsa 2.0.0 Cross Site Scripting
2021-08-13 00:00:00
JSON
Related for AKB:D274924A-0697-4AF3-869A-34844FC6CD0E
cve1prion1packetstorm1