BugSearch is an information portal focused on applications security, web oriented and not. We offer our services to disclose our registered users on security alerts found on the net, in order to warn them as soon as possible on bugs, system flaws, exploits and threats afflicting applications and possible patches.

New Feature: Post New Exploit

Register now to start receiving our security alerts of your favourite applications or try our new Android App which will keep you updated everywhere you are!


Last Advisories
GS Foto Uebertraeger 3.0 iOS - File Include Vulnerability 29-09-2014
OpenFiler 2.99.1 - CSRF Vulnerability 29-09-2014
Microsoft Exchange IIS HTTP Internal IP Address Disclosure 29-09-2014
Internet Explorer 8 - Fixed Col Span ID Full ASLR, DEP & EMET 5.0 Bypass (MS12-037) 29-09-2014
Wordpress All In One WP Security Plugin 3.8.2 - SQL Injection 25-09-2014
Nucom ADSL ADSLR5000UN ISP Credentials Disclosure 25-09-2014
GNU bash Environment Variable Command Injection (MSF) 25-09-2014
Bash Environment Variables Code Injection Exploit 25-09-2014
GNU bash Environment Variable Command Injection 25-09-2014
Cart Engine 3.0 - Multiple Vulnerabilities 25-09-2014
OsClass 3.4.1 (index.php, file param) - Local File Inclusion 25-09-2014
Wordpress Login Widget With Shortcode 3.1.1 - Multiple Vulnerabilities 25-09-2014
Joomla Mac Gallery 1.5 - Arbitrary File Download 24-09-2014
Joomla Face Gallery 1.0 - Multiple vulnerabilities 24-09-2014
Onlineon E-Ticaret Database Disclosure Exploit 24-09-2014
WS10 Data Server SCADA Exploit Overflow PoC 24-09-2014
ZyXEL Prestig P-660HNU-T1 ISP Credentials Disclosure 24-09-2014
Joomla Spider Form Maker <= 4.3 - SQLInjection 24-09-2014
webEdition 6.3.8.0 (SVN-Revision: 6985) - Path Traversal 24-09-2014
Restaurant Script (PizzaInn Project) - Stored XSS 24-09-2014
Glype 1.4.9 - Local Address Filter Bypass 24-09-2014
Glype 1.4.9 - Cookie Injection Path Traversal LFI 24-09-2014
Advantech WebAccess dvs.ocx GetColor Buffer Overflow 24-09-2014
EMC AlphaStor Device Manager Opcode 0x75 Command Injection 24-09-2014
LittleSite 0.1 'file' Parameter Local File Include Vulnerability 23-09-2014
Fast Image Resizer 098 - Local Crash Poc 23-09-2014
Seafile-server <= 3.1.5 - Remote DoS 20-09-2014
ClassApps SelectSurvey.net - Multiple SQL Injection Vulnerabilities 20-09-2014
Livefyre LiveComments Plugin - Stored XSS 20-09-2014
Briefcase 4.0 iOS - Code Execution & File Include Vulnerability 18-09-2014