Patient Management System CVEs and Security Vulnerabilities

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2021-47757	1 Chikitsa	1 Patient Management System	2026-01-16	8.8 High
Chikitsa Patient Management System 2.0.2 contains an authenticated remote code execution vulnerability in the backup restoration functionality. Authenticated attackers can upload a modified backup zip file with a malicious PHP shell to execute arbitrary system commands on the server.
CVE-2021-47758	1 Chikitsa	1 Patient Management System	2026-01-16	8.8 High
Chikitsa Patient Management System 2.0.2 contains an authenticated remote code execution vulnerability that allows attackers to upload malicious PHP plugins through the module upload functionality. Authenticated attackers can generate and upload a ZIP plugin with a PHP backdoor that enables arbitrary command execution on the server through a weaponized PHP script.
CVE-2021-38152	1 Chikitsa	1 Patient Management System	2024-11-21	5.4 Medium
index.php/appointment/insert_patient_add_appointment in Chikitsa Patient Management System 2.0.0 allows XSS.
CVE-2021-38151	1 Chikitsa	1 Patient Management System	2024-11-21	5.4 Medium
index.php/appointment/todos in Chikitsa Patient Management System 2.0.0 allows XSS.
CVE-2021-38149	1 Chikitsa	1 Patient Management System	2024-11-21	5.4 Medium
index.php/admin/add_user in Chikitsa Patient Management System 2.0.0 allows XSS.

Page 1 of 1.