Alltena Allegra

21 CVEs affecting Alltena Allegra. Latest disclosed: 2025-06-21. Critical: 3, High: 8.

Top CVEs affecting Alltena Allegra
CVESeverityScorePublishedSummary
CVE-2025-6216Critical9.82025-06-21Allegra calculateTokenExpDate Password Recovery Authentication Bypass Vulnerability. This vulnerability allows remote attackers to bypass authentication on aff…
CVE-2023-51639Critical9.82024-11-22Allegra downloadExportedChart Directory Traversal Authentication Bypass Vulnerability. This vulnerability allows remote attackers to bypass authentication on a…
CVE-2023-51638Critical9.82024-11-22Allegra Hard-coded Credentials Authentication Bypass Vulnerability. This vulnerability allows remote attackers to bypass authentication on affected installatio…
CVE-2025-3485High8.82025-06-06Allegra extractFileFromZip Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on aff…
CVE-2025-3486High8.82025-05-22Allegra isZipEntryValide Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affec…
CVE-2023-52332High7.52024-11-22Allegra serveMathJaxLibraries Directory Traversal Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive inform…
CVE-2023-52333High7.32024-11-22Allegra saveFile Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected inst…
CVE-2023-51644High7.32024-11-22Allegra SiteConfigAction Improper Access Control Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on a…
CVE-2024-5581High7.22024-11-22Allegra unzipFile Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected ins…
CVE-2024-5580High7.22024-11-22Allegra loadFieldMatch Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary c…
CVE-2024-5579High7.22024-11-22Allegra renderFieldMatch Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary…
CVE-2023-52334Medium6.52024-11-22Allegra downloadAttachmentGlobal Directory Traversal Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive inf…
CVE-2023-51648Medium6.52024-11-22Allegra getFileContentAsString Directory Traversal Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive infor…
CVE-2024-30372Medium6.32024-11-22Allegra getLinkText Server-Side Template Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on…
CVE-2023-51642Medium6.32024-11-22Allegra loadFieldMatch Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary c…
CVE-2023-51641Medium6.32024-11-22Allegra renderFieldMatch Deserialization of Unstrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrar…
CVE-2023-51647Medium4.72024-11-22Allegra saveInlineEdit Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affecte…
CVE-2023-51646Medium4.72024-11-22Allegra uploadSimpleFile Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affec…
CVE-2023-51645Medium4.72024-11-22Allegra unzipFile Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected ins…
CVE-2023-51643Medium4.72024-11-22Allegra uploadFile Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected in…