what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 9 of 9 RSS Feed

Files from Martin Barbella

Email addressbarbella at sas.upenn.edu
First Active2009-12-22
Last Active2016-04-04
MSIE MSHTML!CSVGHelpers::SetAttributeStringAndPointer Use-After-Free
Posted Apr 4, 2016
Authored by Martin Barbella, Google Security Research

Microsoft Internet Explorer suffers from a MSHTML!CSVGHelpers::SetAttributeStringAndPointer use-after-free vulnerability.

tags | exploit
systems | linux
advisories | CVE-2016-0111
SHA-256 | cdfd2516b0415fb4189bf3b250e34e4c24ca6d87e3f8efdff8a5bd6c5a4c5be0
Drupal Protected Node 6.x Access Bypass
Posted Jun 14, 2012
Authored by Martin Barbella | Site drupal.org

Drupal Protected Node third party module version 6.x suffers from an access bypass vulnerability.

tags | advisory, bypass
SHA-256 | b4aaddf3a18e328ac108e52f95a4dcea1a732a0ccdd4f218edd6da70910802f5
PHP 5.3.3 GD Stack Buffer Overflow
Posted Dec 10, 2010
Authored by Martin Barbella

PHP 5.3.3 suffers from a GD extension imagepstext stack buffer overflow vulnerability.

tags | exploit, overflow, php
SHA-256 | dd471798a94019e55c17a159a67a7b668dc2b65a5268afe78a02db0606ae93bc
Linksys Router Cross Site Request Forgery
Posted Dec 3, 2010
Authored by Martin Barbella

Proof of concept exploits for cross site request forgery vulnerabilities found in the Linksys WRT54G2 and WRT54G routers.

tags | exploit, vulnerability, proof of concept, csrf
SHA-256 | b828c25f846a2d0368ccab279f0ecc63d70d06cad75e64a301b44245aa6d868b
Drupal Realname User Reference Information Disclosure
Posted Feb 16, 2010
Authored by Martin Barbella

The Realname User Reference widget in Drupal version 6.x-1.0 allows any user with access content permission to mine user name and real names from accounts.

tags | exploit, info disclosure
SHA-256 | a8e28216cd1d0f5195a5c2f0f4d8df8509c3c8d69917da8dab026b3e35d0fd12
Drupal MP3 Player Cross Site Scripting
Posted Feb 2, 2010
Authored by Martin Barbella

Drupal's MP3 Player module version 6.x-1.0-beta1 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | bea709af4e24c40c41d70a3135a1196e412d132182f2fa56f7e35583b5bfc365
Drupal's Node Blocks Cross Site Scripting
Posted Jan 14, 2010
Authored by Martin Barbella

Drupal's Node Blocks contributed module versions 6.x-1.3 and 5.x-1.1 suffer from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | f68289c50815198eb6810c53c0b4256c3c719ad48903426b5a1dcdac4b55f1b8
Active Calendar 1.2.0 Cross Site Scripting
Posted Jan 11, 2010
Authored by Martin Barbella

Active Calendar version 1.2.0 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 22b45e544fd05c068437c2e96a47768aa9fe4bb3cbef216acb4e06ce2b7e0327
JpGraph 3.0.6 Cross Site Scripting
Posted Dec 22, 2009
Authored by Martin Barbella

JpGraph version 3.0.6 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 0453010652eb79a6e0be9d48a2f4c48c61ac2edd0ceab142870919b01afd159d
Page 1 of 1
Back1Next

File Archive:

June 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jun 1st
    19 Files
  • 2
    Jun 2nd
    16 Files
  • 3
    Jun 3rd
    28 Files
  • 4
    Jun 4th
    0 Files
  • 5
    Jun 5th
    0 Files
  • 6
    Jun 6th
    19 Files
  • 7
    Jun 7th
    23 Files
  • 8
    Jun 8th
    11 Files
  • 9
    Jun 9th
    10 Files
  • 10
    Jun 10th
    4 Files
  • 11
    Jun 11th
    0 Files
  • 12
    Jun 12th
    0 Files
  • 13
    Jun 13th
    0 Files
  • 14
    Jun 14th
    0 Files
  • 15
    Jun 15th
    0 Files
  • 16
    Jun 16th
    0 Files
  • 17
    Jun 17th
    0 Files
  • 18
    Jun 18th
    0 Files
  • 19
    Jun 19th
    27 Files
  • 20
    Jun 20th
    65 Files
  • 21
    Jun 21st
    10 Files
  • 22
    Jun 22nd
    8 Files
  • 23
    Jun 23rd
    6 Files
  • 24
    Jun 24th
    6 Files
  • 25
    Jun 25th
    0 Files
  • 26
    Jun 26th
    0 Files
  • 27
    Jun 27th
    0 Files
  • 28
    Jun 28th
    0 Files
  • 29
    Jun 29th
    0 Files
  • 30
    Jun 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close