BugSearch is an information portal focused on applications security, web oriented and not. We offer our services to disclose our registered users on security alerts found on the net, in order to warn them as soon as possible on bugs, system flaws, exploits and threats afflicting applications and possible patches.

New Feature: Post New Exploit

Register now to start receiving our security alerts of your favourite applications or try our new Android App which will keep you updated everywhere you are!

Last Advisories
F5 Big-IP - Unauthenticated rsync Access 29-08-2014
HTML Help Workshop 1.4 - (SEH) Buffer Overflow 29-08-2014
XRMS - Blind SQL Injection and Command Execution 28-08-2014
PhpWiki - Remote Command Execution 28-08-2014
ActualAnalyzer Lite 2.81 - Unauthenticated Command Execution 28-08-2014
ManageEngine DeviceExpert 5.9 - User Credential Disclosure 28-08-2014
Firefox WebIDL Privileged Javascript Injection 28-08-2014
Plogger 1.0-RC1 - Authenticated Arbitrary File Upload 28-08-2014
WordPress ShortCode Plugin 1.1 - Local File Inclusion Vulnerability 28-08-2014
Internet Explorer MS14-029 Memory Corruption PoC 28-08-2014
WooCommerce Store Exporter 1.7.5 - SXSS and RXSS 27-08-2014
glibc Off-by-One NUL Byte gconv_translit_find Exploit 27-08-2014
VTLS Virtua InfoStation.cgi - SQL Injection 26-08-2014
ntopng 1.2.0 - XSS Injection 26-08-2014
Innovaphone PBX Admin-GUI - CSRF Vulnerability 25-08-2014
ManageEngine Password Manager MetadataServlet.dat SQL Injection 25-08-2014
Air Transfer Iphone 1.3.9 - Multiple Vulnerabilities 24-08-2014
HybridAuth install.php PHP Code Execution 21-08-2014
MyBB 1.8 Beta 3 - Multiple Vulnerabilities 21-08-2014
Gitlab-shell Code Execution 19-08-2014
Firefox toString console.time Privileged Javascript Injection 19-08-2014
Tenda A5s Router 3.02.05_CN - Authentication Bypass Vulnerability 18-08-2014
VirtualBox 3D Acceleration Virtual Machine Escape 14-08-2014
VMTurbo Operations Manager 4.6 vmtadmin.cgi Remote Command Execution 14-08-2014
Disqus for Wordpress 2.7.5 Admin Stored CSRF and XSS 14-08-2014
BlazeDVD Pro 7.0 - (.plf) Stack Based Buffer Overflow (Direct RET) 13-08-2014
VirtualBox Guest Additions VBoxGuest.sys Privilege Escalation 13-08-2014
HybridAuth 2.2.2 - Remote Code Execution 13-08-2014
TomatoCart 1.x - SQL Injection Vulnerability 09-08-2014
Sky Broadband Router SR101 - Weak WPA-PSK Generation Algorithm 09-08-2014