BugSearch is an information portal focused on applications security, web oriented and not. We offer our services to disclose our registered users on security alerts found on the net, in order to warn them as soon as possible on bugs, system flaws, exploits and threats afflicting applications and possible patches.

New Feature: Post New Exploit

Register now to start receiving our security alerts of your favourite applications or try our new Android App which will keep you updated everywhere you are!


Last Advisories
WordPress Plugin Free Counter 1.1 Stored XSS 27-05-2015
Acoustica Pianissimo 1.0 Build 12 (Registration ID) Buffer Overflow PoC 26-05-2015
Wordpress MailChimp Subscribe Forms 1.1 Remote Code Execution 26-05-2015
Sendio ESP Information Disclosure Vulnerability 26-05-2015
Wordpess Simple Photo Gallery 1.7.8 Blind SQL Injection 26-05-2015
Wordpress church_admin Plugin 0.800 Stored XSS 26-05-2015
Apache Jackrabbit WebDAV XXE Exploit 26-05-2015
WordPress GigPress Plugin 2.3.8 - SQL Injection 26-05-2015
WordPress Landing Pages Plugin 1.8.4 Multiple Vulnerabilities 26-05-2015
WordPress NewStatPress Plugin 0.9.8 Multiple Vulnerabilities 26-05-2015
Wordpress Video Gallery Plugin 2.8 Arbitrary Mail Relay 26-05-2015
Clickheat 1.13+ Remote Command Execution 26-05-2015
FTP Media Server 3.0 - Authentication Bypass and Denial of Service 25-05-2015
Fuse - Local Privilege Escalation 23-05-2015
WordPress WP Symposium Plugin 15.1 SQL Injection Vulnerability 21-05-2015
Forma LMS 1.3 Multiple SQL Injection Vulnerabilities 21-05-2015
WordPress WP Membership Plugin 1.2.3 - Multiple Vulnerabilities 21-05-2015
ZOC SSH Client Buffer Overflow Vulnerability (SEH) 20-05-2015
Linux/x86 execve "/bin/sh" - shellcode 26 bytes 20-05-2015
WordPress FeedWordPress Plugin 2015.0426 - SQL Injection 20-05-2015
Phoenix Contact ILC 150 ETH PLC Remote Control Script 20-05-2015
Comodo GeekBuddy < 4.18.121 - Local Privilege Escalation 20-05-2015
Windows 8.0 - 8.1 x64 TrackPopupMenu Privilege Escalation (MS14-058) 19-05-2015
Internet Explorer 11 - Crash PoC 19-05-2015
Forma LMS 1.3 Multiple PHP Object Injection Vulnerabilities 18-05-2015
BulletProof FTP Client 2010 - Buffer Overflow (DEP Bypass) 18-05-2015
Wireless Photo Transfer 3.0 iOS - File Inclusion Vulnerability 18-05-2015
OYO File Manager 1.1 iOS&Android - Multiple Vulnerabilities 18-05-2015
ManageEngine EventLog Analyzer 10.0 Build 10001 CSRF Vulnerability 18-05-2015
iFTP 2.21 Buffer OverFlow Crash PoC 14-05-2015