Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Allegra — Vulnerabilities & Security Advisories 22

All 22 CVE vulnerabilities found in Allegra, with AI-generated Chinese analysis, references, and POCs.

Vendor: Allegra

CVE IDTitleCVSSSeverityPublished
CVE-2025-11466 Allegra DatabaseBackupBL Directory Traversal Information Disclosure Vulnerability CWE-22 6.5AIMediumAI2025-10-29
CVE-2025-6216 Allegra calculateTokenExpDate Password Recovery Authentication Bypass Vulnerability CWE-640 9.8AICriticalAI2025-06-21
CVE-2025-3485 Allegra extractFileFromZip Directory Traversal Remote Code Execution Vulnerability CWE-22 8.8AIHighAI2025-06-06
CVE-2025-3486 Allegra isZipEntryValide Directory Traversal Remote Code Execution Vulnerability CWE-22 8.8AIHighAI2025-05-22
CVE-2024-5581 Allegra unzipFile Directory Traversal Remote Code Execution Vulnerability CWE-22 8.8 -2024-11-22
CVE-2024-5580 Allegra loadFieldMatch Deserialization of Untrusted Data Remote Code Execution Vulnerability CWE-502 8.8 -2024-11-22
CVE-2024-5579 Allegra renderFieldMatch Deserialization of Untrusted Data Remote Code Execution Vulnerability CWE-502 8.8 -2024-11-22
CVE-2024-30372 Allegra getLinkText Server-Side Template Injection Remote Code Execution Vulnerability CWE-1336 8.8 -2024-11-22
CVE-2023-52334 Allegra downloadAttachmentGlobal Directory Traversal Information Disclosure Vulnerability CWE-22 6.5 -2024-11-22
CVE-2023-52333 Allegra saveFile Directory Traversal Remote Code Execution Vulnerability CWE-22 8.8 -2024-11-22
CVE-2023-52332 Allegra serveMathJaxLibraries Directory Traversal Information Disclosure Vulnerability CWE-22 7.5 -2024-11-22
CVE-2023-51648 Allegra getFileContentAsString Directory Traversal Information Disclosure Vulnerability CWE-22 6.5 -2024-11-22
CVE-2023-51647 Allegra saveInlineEdit Directory Traversal Remote Code Execution Vulnerability CWE-22 8.8 -2024-11-22
CVE-2023-51646 Allegra uploadSimpleFile Directory Traversal Remote Code Execution Vulnerability CWE-22 8.8 -2024-11-22
CVE-2023-51645 Allegra unzipFile Directory Traversal Remote Code Execution Vulnerability CWE-22 8.8 -2024-11-22
CVE-2023-51644 Allegra SiteConfigAction Improper Access Control Remote Code Execution Vulnerability CWE-284 9.8 -2024-11-22
CVE-2023-51643 Allegra uploadFile Directory Traversal Remote Code Execution Vulnerability CWE-22 8.8 -2024-11-22
CVE-2023-51642 Allegra loadFieldMatch Deserialization of Untrusted Data Remote Code Execution Vulnerability CWE-502 8.8 -2024-11-22
CVE-2023-51641 Allegra renderFieldMatch Deserialization of Unstrusted Data Remote Code Execution Vulnerability CWE-502 8.8 -2024-11-22
CVE-2023-51640 Allegra extarctZippedFile Directory Traversal Remote Code Execution Vulnerability CWE-22 8.8 -2024-11-22
CVE-2023-51639 Allegra downloadExportedChart Directory Traversal Authentication Bypass Vulnerability CWE-22 9.8 -2024-11-22
CVE-2023-51638 Allegra Hard-coded Credentials Authentication Bypass Vulnerability CWE-798 9.8 -2024-11-22

All 22 known CVE vulnerabilities affecting Allegra with full Chinese analysis, references, and POCs where available.