📦 Allegra
by Alltena
🔍 What is Allegra?
Description coming soon...
🛡️ Security Overview
Click on a severity to filter vulnerabilities
⚠️ Known Vulnerabilities
This vulnerability allows remote attackers to bypass authentication in Allegra by exploiting a predictable password reset token generation mechanism. Attackers can reset passwords and gain unauthorize...
This vulnerability allows remote attackers to bypass authentication on Allegra installations by exploiting hard-coded database credentials. Attackers can gain unauthorized access without authenticatio...
This vulnerability allows authenticated remote attackers to execute arbitrary code on affected Allegra installations by exploiting a deserialization flaw in the loadFieldMatch method. Attackers can ac...
This directory traversal vulnerability in Allegra's serveMathJaxLibraries method allows unauthenticated remote attackers to read arbitrary files on the server. Affected installations of Allegra softwa...
This vulnerability allows unauthenticated remote attackers to execute arbitrary code on Allegra installations due to improper access control in Struts configuration. Affected systems are Allegra insta...
This vulnerability allows authenticated remote attackers to bypass authentication and execute arbitrary code on Allegra installations via directory traversal in the uploadSimpleFile method. Attackers ...
This vulnerability allows authenticated remote attackers to read arbitrary files on Allegra installations via directory traversal in the getFileContentAsString method. Attackers can exploit this to di...
This directory traversal vulnerability in Allegra's downloadAttachmentGlobal function allows authenticated attackers to read arbitrary files on the server. Attackers can exploit this to steal sensitiv...
This vulnerability allows authenticated remote attackers to bypass authentication and execute arbitrary code via a directory traversal flaw in Allegra's extractZippedFile method. It affects Allegra in...
This vulnerability allows remote authenticated attackers to execute arbitrary code on affected Allegra installations by exploiting a deserialization flaw in the loadFieldMatch method. Attackers can cr...