exploitDog

CVE-2021-47757

Опубликовано: 15 янв. 2026

Источник: nvd

CVSS3: 8.8

EPSS Низкий

Описание

Chikitsa Patient Management System 2.0.2 contains an authenticated remote code execution vulnerability in the backup restoration functionality. Authenticated attackers can upload a modified backup zip file with a malicious PHP shell to execute arbitrary system commands on the server.

Ссылки

https://github.com/sanskruti-technologies/chikitsa
Product
https://sourceforge.net/projects/chikitsa/
Product
https://www.chikitsa.io/
Product
https://www.exploit-db.com/exploits/50572
Exploit
VDB Entry

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:chikitsa:patient_management_system:2.0.2:*:*:*:*:*:*:*

EPSS

Процентиль: 64%

0.00479

Низкий

8.8 High

CVSS3

Дефекты

CWE-434

Связанные уязвимости

GHSA-8f5x-4gfr-8fxp

CVSS3: 8.8

github

23 дня назад

Chikitsa Patient Management System 2.0.2 contains an authenticated remote code execution vulnerability in the backup restoration functionality. Authenticated attackers can upload a modified backup zip file with a malicious PHP shell to execute arbitrary system commands on the server.

EPSS

Процентиль: 64%

0.00479

Низкий

8.8 High

CVSS3

Дефекты

CWE-434