PT-2026-3033 · Unknown · Chikitsa Patient Management System
0Z09E
·
Published
2026-01-15
·
Updated
2026-01-20
·
CVE-2021-47757
CVSS v3.1
8.8
High
| Vector | AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Chikitsa Patient Management System version 2.0.2
Description
The software contains an authenticated remote code execution issue in the backup restoration functionality. An authenticated attacker can upload a modified backup zip file containing a malicious PHP shell, allowing for the execution of arbitrary system commands on the server.
Recommendations
Apply updates to address the issue in the backup restoration functionality.
Exploit
Fix
RCE
Unrestricted File Upload
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Chikitsa Patient Management System