PT-2026-49052

Name of the Vulnerable Software and Affected Versions Allegra affected versions not specified Description A flaw in the downloadAttachment method allows remote attackers to execute arbitrary scripts on affected installations. This occurs due to insufficient validation of user-supplied data,...

Allegra 授权问题漏洞

Allegra is a project management software for mid-sized organizations from Allegra. An authorization issue vulnerability exists in Allegra that stems from a password recovery mechanism that relies on predictable values, which could lead to authentication bypass...

Allegra 路径遍历漏洞

Allegra is a project management software for mid-sized organizations from Allegra. A path traversal vulnerability exists in Allegra that stems from the isZipEntryValide method not properly validating a user-supplied path, which could lead to remote code execution...

CVE-2024-5581

Allegra unzipFile Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Allegra. Authentication is required to exploit this vulnerability. The specific flaw exists within the unzipFile method. The...

CVE-2023-51646

Allegra uploadSimpleFile Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Allegra. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can...

CVE-2023-51643

Allegra uploadFile Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Allegra. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be...

CVE-2023-51642

Allegra loadFieldMatch Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Allegra. Although authentication is required to exploit this vulnerability, product implements a...

EUVD-2024-47120

Allegra renderFieldMatch Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Allegra. Authentication is required to exploit this vulnerability. The specific flaw exists within the...

Allegra 路径遍历漏洞

Allegra is a project management software for mid-sized organizations from Allegra. A path traversal vulnerability exists in Allegra that stems from the saveFile feature containing a directory traversal remote code execution vulnerability...

Allegra 访问控制错误漏洞

Allegra is a project management software for mid-sized organizations from Allegra. An access control error vulnerability exists in Allegra that stems from the SiteConfigAction feature containing an improperly access controlled remote code execution vulnerability...

Allegra 路径遍历漏洞

Allegra is a project management software for mid-sized organizations from Allegra. Allegra suffers from a path traversal vulnerability that stems from the unzipFile feature containing a directory traversal remote code execution vulnerability...

Allegra 代码问题漏洞

Allegra is a project management software for mid-sized organizations from Allegra. A code issue vulnerability exists in Allegra that stems from the renderFieldMatch feature containing an untrusted data deserialization remote code execution vulnerability...

Allegra 路径遍历漏洞

Allegra is a project management software for mid-sized organizations from Allegra. Allegra suffers from a path traversal vulnerability that stems from the extarctZippedFile feature containing a directory traversal remote code execution vulnerability...

Allegra 路径遍历漏洞

Allegra is a project management software for mid-sized organizations from Allegra. A path traversal vulnerability exists in Allegra, which stems from the getFileContentAsString function containing a directory traversal information disclosure vulnerability...

Allegra 代码问题漏洞

Allegra is a project management software for mid-sized organizations from Allegra, Inc. Allegra suffers from a code issue vulnerability that stems from a lack of proper validation of user-supplied data. An attacker can exploit the vulnerability to execute arbitrary code...

Allegra 代码问题漏洞

Allegra is a project management software for mid-sized organizations from Allegra. A code issue vulnerability exists in Allegra that stems from the loadFieldMatch feature containing an untrusted data deserialization remote code execution vulnerability...

Allegra 路径遍历漏洞

Allegra is a project management software for mid-sized organizations from Allegra. A path traversal vulnerability exists in Allegra, which stems from the uploadFile feature containing a directory traversal remote code execution vulnerability...

Allegra 信任管理问题漏洞

Allegra is a project management software for mid-sized organizations from Allegra. A trust management issue vulnerability exists in Allegra that stems from the inclusion of a hard-coded credential that leads to an authentication bypass vulnerability...

Allegra 代码问题漏洞

Allegra is a project management software for mid-sized organizations from Allegra, Inc. Allegra suffers from a code issue vulnerability that stems from a lack of proper validation of user-supplied data. An attacker can exploit the vulnerability to execute arbitrary code...

Allegra 路径遍历漏洞

Allegra is a project management software for mid-sized organizations from Allegra. Allegra suffers from a path traversal vulnerability that stems from the serveMathJaxLibraries feature containing a directory traversal information disclosure vulnerability...