Alltena Allegra — known CVE vulnerabilities
Every CVE whose affected-product data names Alltena Allegra, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (21)
- CVE-2023-51638 — CVSS 9.8 (critical): Allegra Hard-coded Credentials Authentication Bypass Vulnerability. This vulnerability allows remote attackers to bypass authentication on…
- CVE-2023-51639 — CVSS 9.8 (critical): Allegra downloadExportedChart Directory Traversal Authentication Bypass Vulnerability. This vulnerability allows remote attackers to bypass…
- CVE-2025-6216 — CVSS 9.8 (critical): Allegra calculateTokenExpDate Password Recovery Authentication Bypass Vulnerability. This vulnerability allows remote attackers to bypass…
- CVE-2025-3486 — CVSS 8.8 (high): Allegra isZipEntryValide Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute…
- CVE-2025-3485 — CVSS 8.8 (high): Allegra extractFileFromZip Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute…
- CVE-2023-52332 — CVSS 7.5 (high): Allegra serveMathJaxLibraries Directory Traversal Information Disclosure Vulnerability. This vulnerability allows remote attackers to…
- CVE-2023-52333 — CVSS 7.3 (high): Allegra saveFile Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary…
- CVE-2023-51644 — CVSS 7.3 (high): Allegra SiteConfigAction Improper Access Control Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute…
- CVE-2024-5581 — CVSS 7.2 (high): Allegra unzipFile Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary…
- CVE-2024-5579 — CVSS 7.2 (high): Allegra renderFieldMatch Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers…
- CVE-2024-5580 — CVSS 7.2 (high): Allegra loadFieldMatch Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to…
- CVE-2023-51648 — CVSS 6.5 (medium): Allegra getFileContentAsString Directory Traversal Information Disclosure Vulnerability. This vulnerability allows remote attackers to…
- CVE-2023-52334 — CVSS 6.5 (medium): Allegra downloadAttachmentGlobal Directory Traversal Information Disclosure Vulnerability. This vulnerability allows remote attackers to…
- CVE-2023-51641 — CVSS 6.3 (medium): Allegra renderFieldMatch Deserialization of Unstrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers…
- CVE-2023-51642 — CVSS 6.3 (medium): Allegra loadFieldMatch Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to…
- CVE-2024-30372 — CVSS 6.3 (medium): Allegra getLinkText Server-Side Template Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to…
- CVE-2023-51647 — CVSS 4.7 (medium): Allegra saveInlineEdit Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute…
- CVE-2023-51646 — CVSS 4.7 (medium): Allegra uploadSimpleFile Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute…
- CVE-2023-51645 — CVSS 4.7 (medium): Allegra unzipFile Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary…
- CVE-2023-51643 — CVSS 4.7 (medium): Allegra uploadFile Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary…
- CVE-2023-51640 — CVSS 4.7 (medium): Allegra extarctZippedFile Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute…