Vulnerability fixed in SmarterTools SmarterMail

SmarterTools has fixed vulnerabilities in SmarterMail. A malicious party could exploit the vulnerabilities to bypass authentication and execute arbitrary code with administrator privileges, and possibly SYSTEM. For successful abuse, the malicious party must have access to the API interface...

CVE-2026-23760

creationtimestamp| type| source ---|---|--- 2026-01-22 15:50:14+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mczjzl6bjk2c 2026-01-23 10:46:49+00:00| seen| https://bsky.app/profile/blackhatnews.tokyo/post/3md3jjwravw2d 2026-01-23 21:02:58+00:00| seen|...

CVE-2024-23760

Cleartext Storage of Sensitive Information in Gambio 4.9.2.0 allows attackers to obtain sensitive information via error-handler.log.json and legacy-error-handler.log.txt under the webroot...

CVE-2025-23760

creationtimestamp| type| source ---|---|--- 2025-01-16 21:16:01+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lfv7akto2r2b 2025-01-17 17:57:17+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/2182...

CVE-2025-23760

CVE-2025-23760 is a Stored XSS vulnerability in the Chatter plugin for WordPress, caused by Improper Neutralization of Input During Web Page Generation. Affected versions are reported as from n/a through 1.0.1. The Red Hat security entry repeats this description and identifies the same CVE ID, co...

CVE-2025-23760 WordPress Chatter plugin <= 1.0.1 - CSRF to Stored XSS vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Alex Volkov Chatter allows Stored XSS. This issue affects Chatter: from n/a through 1.0.1...

CVE-2025-23760 WordPress Chatter plugin <= 1.0.1 - CSRF to Stored XSS vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Alex Volkov Chatter allows Stored XSS. This issue affects Chatter: from n/a through 1.0.1...

CVE-2024-23760

creationtimestamp| type| source ---|---|--- 2024-02-12 23:26:16+00:00| seen| https://t.me/ctinow/183491 2024-02-15 08:17:06+00:00| seen| https://t.me/ctinow/185326 2024-03-03 17:51:32+00:00| seen| https://t.me/ctinow/198848 2025-03-28 23:29:23+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/95...

CVE-2024-23760

Cleartext Storage of Sensitive Information in Gambio 4.9.2.0 allows attackers to obtain sensitive information via error-handler.log.json and legacy-error-handler.log.txt under the webroot...

CVE-2024-23760

CVE-2024-23760 affects Gambio 4.9.2.0 (and earlier) with cleartext storage of sensitive information in error handling logs (error-handler.log.json and legacy-error-handler.log.txt under the webroot). Root cause is information disclosure via log files exposed in the webroot. Documented impact is i...

CVE-2024-23760

Cleartext Storage of Sensitive Information in Gambio 4.9.2.0 allows attackers to obtain sensitive information via error-handler.log.json and legacy-error-handler.log.txt under the webroot...

CVE-2023-23760

creationtimestamp| type| source ---|---|--- 2023-03-08 22:24:03+00:00| seen| https://t.me/cibsecurity/59690...

CVE-2023-23760 Path traversal in GitHub Enterprise Server leading to remote code execution

A path traversal vulnerability was identified in GitHub Enterprise Server that allowed remote code execution when building a GitHub Pages site. To exploit this vulnerability, an attacker would need permission to create and build a GitHub Pages site on the GitHub Enterprise Server instance. This...

CVE-2023-23760 Path traversal in GitHub Enterprise Server leading to remote code execution

A path traversal vulnerability was identified in GitHub Enterprise Server that allowed remote code execution when building a GitHub Pages site. To exploit this vulnerability, an attacker would need permission to create and build a GitHub Pages site on the GitHub Enterprise Server instance. This...

CVE-2023-23760

Summary: CVE-2023-23760 is a path traversal vulnerability in GitHub Enterprise Server that leads to remote code execution when building a GitHub Pages site. The attacker must have permission to create and build a GitHub Pages site on the target instance. Affected scope: GitHub Enterprise Server v...

mongo-rest-api (=0.1.0), pine-ql (>=0.1.0 <=0.5.4) potentially affected by CVE-2021-23760 via keyget (=1.0.1)

keyget NPM version =1.0.1 is affected by a known vulnerability. The following packages have a transitive dependency on keyget and may be impacted: - mongo-rest-api =0.1.0 - pine-ql =0.1.0, =0.5.4 Source cves: CVE-2021-23760 Source advisory: OSV:GHSA-9FP7-4FJM-Q3MF...

CVE-2021-23760

creationtimestamp| type| source ---|---|--- 2022-01-29 00:22:20+00:00| seen| https://t.me/cibsecurity/36532...

CVE-2021-23760

The CVE-2021-23760 entry concerns the npm package keyget vulnerability to Prototype Pollution. The issue affects keyget versions 0.0.0 and up to at least 2.2.0, where the set, push, and at methods can be abused to pollute an object's prototype, potentially enabling denial of service and remote co...

Microsoft Excel Named Graph record buffer overflow

Added: 05/24/2007 CVE: CVE-2007-0215 BID: 23760 OSVDB: 34393 Background Microsoft Excel, part of the Microsoft Office product suite, is a spreadsheet application for Windows platforms. Problem A buffer overflow vulnerability in Microsoft Excel allows command execution when a user opens a speciall...