Alltena Allegra
21 CVEs affecting Alltena Allegra. Latest disclosed: 2025-06-21. Critical: 3, High: 8.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2025-6216 | Critical | 9.8 | 2025-06-21 | Allegra calculateTokenExpDate Password Recovery Authentication Bypass Vulnerability. This vulnerability allows remote attackers to bypass authentication on aff… |
CVE-2023-51639 | Critical | 9.8 | 2024-11-22 | Allegra downloadExportedChart Directory Traversal Authentication Bypass Vulnerability. This vulnerability allows remote attackers to bypass authentication on a… |
CVE-2023-51638 | Critical | 9.8 | 2024-11-22 | Allegra Hard-coded Credentials Authentication Bypass Vulnerability. This vulnerability allows remote attackers to bypass authentication on affected installatio… |
CVE-2025-3485 | High | 8.8 | 2025-06-06 | Allegra extractFileFromZip Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on aff… |
CVE-2025-3486 | High | 8.8 | 2025-05-22 | Allegra isZipEntryValide Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affec… |
CVE-2023-52332 | High | 7.5 | 2024-11-22 | Allegra serveMathJaxLibraries Directory Traversal Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive inform… |
CVE-2023-52333 | High | 7.3 | 2024-11-22 | Allegra saveFile Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected inst… |
CVE-2023-51644 | High | 7.3 | 2024-11-22 | Allegra SiteConfigAction Improper Access Control Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on a… |
CVE-2024-5581 | High | 7.2 | 2024-11-22 | Allegra unzipFile Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected ins… |
CVE-2024-5580 | High | 7.2 | 2024-11-22 | Allegra loadFieldMatch Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary c… |
CVE-2024-5579 | High | 7.2 | 2024-11-22 | Allegra renderFieldMatch Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary… |
CVE-2023-52334 | Medium | 6.5 | 2024-11-22 | Allegra downloadAttachmentGlobal Directory Traversal Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive inf… |
CVE-2023-51648 | Medium | 6.5 | 2024-11-22 | Allegra getFileContentAsString Directory Traversal Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive infor… |
CVE-2024-30372 | Medium | 6.3 | 2024-11-22 | Allegra getLinkText Server-Side Template Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on… |
CVE-2023-51642 | Medium | 6.3 | 2024-11-22 | Allegra loadFieldMatch Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary c… |
CVE-2023-51641 | Medium | 6.3 | 2024-11-22 | Allegra renderFieldMatch Deserialization of Unstrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrar… |
CVE-2023-51647 | Medium | 4.7 | 2024-11-22 | Allegra saveInlineEdit Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affecte… |
CVE-2023-51646 | Medium | 4.7 | 2024-11-22 | Allegra uploadSimpleFile Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affec… |
CVE-2023-51645 | Medium | 4.7 | 2024-11-22 | Allegra unzipFile Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected ins… |
CVE-2023-51643 | Medium | 4.7 | 2024-11-22 | Allegra uploadFile Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected in… |