32 matches found
CVE-2021-47758
Chikitsa Patient Management System 2.0.2 contains an authenticated remote code execution vulnerability that allows attackers to upload malicious PHP plugins through the module upload functionality. Authenticated attackers can generate and upload a ZIP plugin with a PHP backdoor that enables...
CVE-2021-47757
Chikitsa Patient Management System 2.0.2 contains an authenticated remote code execution vulnerability in the backup restoration functionality. Authenticated attackers can upload a modified backup zip file with a malicious PHP shell to execute arbitrary system commands on the server...
CVE-2021-47758
Chikitsa Patient Management System 2.0.2 is affected by an authenticated remote code execution (RCE) vulnerability exposed via the module upload function. An authenticated attacker can upload a ZIP plugin containing a PHP backdoor, enabling arbitrary command execution on the server through a weap...
CVE-2021-47758 Chikitsa Patient Management System 2.0.2 - Remote Code Execution (RCE) (Authenticated)
Chikitsa Patient Management System 2.0.2 contains an authenticated remote code execution vulnerability that allows attackers to upload malicious PHP plugins through the module upload functionality. Authenticated attackers can generate and upload a ZIP plugin with a PHP backdoor that enables...
EUVD-2026-2778
Chikitsa Patient Management System 2.0.2 contains an authenticated remote code execution vulnerability in the backup restoration functionality. Authenticated attackers can upload a modified backup zip file with a malicious PHP shell to execute arbitrary system commands on the server...
CVE-2021-47757
Chikitsa Patient Management System 2.0.2 contains an authenticated remote code execution vulnerability in the backup restoration functionality. Authenticated attackers can upload a modified backup zip file with a malicious PHP shell to execute arbitrary system commands on the server...
CVE-2021-47757 Chikitsa Patient Management System 2.0.2 - 'plugin' Remote Code Execution (RCE) (Authenticated)
Chikitsa Patient Management System 2.0.2 contains an authenticated remote code execution vulnerability in the backup restoration functionality. Authenticated attackers can upload a modified backup zip file with a malicious PHP shell to execute arbitrary system commands on the server...
EUVD-2021-24623
Malware in sbrugna...
EUVD-2021-24624
Malware in sbrugna...
EUVD-2021-24621
Malware in sbrugna...
CVE-2021-38152
index.php/appointment/insertpatientaddappointment in Chikitsa Patient Management System 2.0.0 allows XSS...
CVE-2021-38149
index.php/admin/adduser in Chikitsa Patient Management System 2.0.0 allows XSS...
CVE-2021-38151
index.php/appointment/todos in Chikitsa Patient Management System 2.0.0 allows XSS...
Chikitsa Patient Management System 2.0.2 - (backup) Remote Code Execution Exploit
Exploit Title: Chikitsa Patient Management System 2.0.2 - 'plugin' Remote Code Execution RCE Authenticated Exploit Author: 0z09e https://twitter.com/0z09e Vendor Homepage: https://sourceforge.net/u/dharashah/profile/ Software Link:...
Chikitsa Patient Management System 2.0.2 - (plugin) Remote Code Execution Exploit
Exploit Title: Chikitsa Patient Management System 2.0.2 - Remote Code Execution RCE Authenticated Exploit Author: 0z09e https://twitter.com/0z09e Vendor Homepage: https://sourceforge.net/u/dharashah/profile/ Software Link:...
Chikitsa Patient Management System 2.0.2 Backup Remote Code Execution
Exploit Title: Chikitsa Patient Management System 2.0.2 - 'plugin' Remote Code Execution RCE Authenticated Date: 03/12/2021 Exploit Author: 0z09e https://twitter.com/0z09e Vendor Homepage: https://sourceforge.net/u/dharashah/profile/ Software Link:...
Chikitsa Patient Management System 2.0.2 - 'plugin' Remote Code Execution (RCE) (Authenticated)
Exploit Title: Chikitsa Patient Management System 2.0.2 - Remote Code Execution RCE Authenticated Date: 03/12/2021 Exploit Author: 0z09e https://twitter.com/0z09e Vendor Homepage: https://sourceforge.net/u/dharashah/profile/ Software Link:...
Chikitsa Patient Management System 2.0.2 - 'backup' Remote Code Execution (RCE) (Authenticated)
Exploit Title: Chikitsa Patient Management System 2.0.2 - 'plugin' Remote Code Execution RCE Authenticated Date: 03/12/2021 Exploit Author: 0z09e https://twitter.com/0z09e Vendor Homepage: https://sourceforge.net/u/dharashah/profile/ Software Link:...
The vulnerability of the index.php/appointment/todos component of the Chikitsa Patient Management System allows an attacker to compromise the confidentiality and integrity of the protected information.
The vulnerability of the index.php/appointment/todos component of the Chikitsa Patient Management System exists due to the lack of protective measures for the website structure. Exploiting this vulnerability allows an attacker to compromise the confidentiality and integrity of the protected...
CVE-2021-38152
CVE-mitre:index.php/appointment/insertpatientaddappointment in Chikitsa Patient Management System 2.0.0 allows XSS. nu11secur1ty: XSS-Stored - Brutal PWNED on Chikitsa 2.0.0 parameter "name" + User: Unrestricted File Upload ".php"...