BugSearch is an information portal focused on applications security, web oriented and not. We offer our services to disclose our registered users on security alerts found on the net, in order to warn them as soon as possible on bugs, system flaws, exploits and threats afflicting applications and possible patches.

New Feature: Post New Exploit

Register now to start receiving our security alerts of your favourite applications or try our new Android App which will keep you updated everywhere you are!


Last Advisories
Varnish Cache CLI Interface Remote Code Execution 19-12-2014
Ettercap 0.8.0-0.8.1 - Multiple Denial of Service Vulnerabilities 19-12-2014
miniBB 3.1 - Blind SQL Injection 19-12-2014
Cacti Superlinks Plugin 1.4-2 RCE(LFI) via SQL Injection Exploit 19-12-2014
CIK Telecom VoIP router SVG6000RW - Privilege Escalation and Command Execution 17-12-2014
E-Journal (Old Version) Multiple Vulnerabilities16-12-2014
CMS Papoo 6.0.0 Rev. 4701 - Stored XSS 16-12-2014
ActualAnalyzer 'ant' Cookie Command Execution 16-12-2014
Tuleap PHP Unserialize Code Execution 15-12-2014
CodeMeter 4.50.906.503 - Service Trusted Path Privilege Escalation 15-12-2014
ResourceSpace 6.4.5976 - XSS / SQL Injection / Insecure Cookie Handling 15-12-2014
phpMyAdmin 4.0.x, 4.1.x, 4.2.x - DoS 15-12-2014
Avira 14.0.7.342 - (avguard.exe) Service Trusted Path Privilege Escalation 15-12-2014
HTCSyncManager 3.1.33.0 - Service Trusted Path Privilege Escalation 15-12-2014
jaangle 0.98i.977 - Denial of Service Vulnerability 15-12-2014
Mediacoder 0.8.33 build 5680 - SEH Buffer Overflow Exploit Dos (.lst) 15-12-2014
Wordpress Wp Symposium 14.11 - Unauthenticated Shell Upload Exploit 15-12-2014
OpenEMR 4.1.2(7) - Multiple SQL Injection Vulnerabilities 10-12-2014
Mobilis 3G mobiconnect 3G++ ZDServer 1.0.1.2 - (ZTE CORPORATION) Service Trusted Path Privilege Escalation 10-12-2014
Humhub <= 0.10.0-rc.1 - Multiple Persistent XSS vulnerabilities 10-12-2014
Humhub <= 0.10.0-rc.1 - SQL Injection Vulnerability 10-12-2014
Advantech AdamView 4.30.003 - (.gni) SEH Buffer Overflow 10-12-2014
PBBoard CMS 3.0.1 - SQL Injection 05-12-2014
Offset2lib: Bypassing Full ASLR On 64bit Linux 05-12-2014
Windows Kerberos - Elevation of Privilege (MS14-068) 05-12-2014
Advertise With Pleasure! (AWP) 6.6 - SQL Injection Vulnerability 04-12-2014
Technicolor DT5130 V2.05.C29GV - Multiple Vulnerabilities 04-12-2014
Cart66 Lite WordPress Ecommerce 1.5.1.17 - Blind SQL Injection 03-12-2014
Google Document Embedder 2.5.16 - mysql_real_escpae_string bypass SQL Injection 03-12-2014
Wordpress Nextend Facebook Connect Plugin 1.4.59 - XSS Vulnerability 02-12-2014