The 3rd of November 2009 Str0ke (Milw0rm's owner) has passed away... We're out of words ... Rest in peace Str0ke!


Il 3 novembre 2009 Str0ke (l'owner di Milw0rm) ci ha lasciati ... siamo senza parole ... Riposa in Pace Str0ke!

BugSearch is an information portal focused on applications security, web oriented and not. We offer our services to disclose our registered users on security alerts found on the net, in order to warn them as soon as possible on bugs, system flaws, exploits and threats afflicting applications and possible patches.

New Feature: Post New Exploit

Register now to start receiving our security alerts of your favourite applications!


Last Advisories
BigAnt Server <= 2.50 SP6 Local (ZIP File) Buffer Overflow PoC #221-09-2009
WX Guest Book 1.1.208 (SQL-XSS) Multiple Remote Vulnerabilities21-09-2009
Snort < 2.8.5 Unified1 Output Denial of Service Exploit21-09-2009
Joomla com_jinc (newsid) Blind SQL Injection Vulnerability21-09-2009
Joomla com_mytube (user_id) Blind SQL Injection Exploit21-09-2009
CMScontrol 7.x (index.php id_menu) SQL Injection Vulnerability21-09-2009
ProdLer <= 2.0 (prodler.class.php sPath) RFI Vulnerability21-09-2009
Loggix Project <= 9.4.5 Multiple Remote File Inclusion Vulnerabilities21-09-2009
BAROSmini 0.32.595 Remote File Inclusion Vulnerabilities21-09-2009
Winplot (.wp2 File) Local Buffer Overflow Exploit21-09-2009
cP Creator 2.7.1 (Cookie tickets) Remote SQL Injection Exploit21-09-2009
DDL CMS 1.0 Multiple Remote File Inclusion Vulnerabilities21-09-2009
Joomla com_jbudgetsmagic (bid) Remote SQL Injection Vulnerability21-09-2009
Joomla com_surveymanager (stype) SQL Injection Vulnerability21-09-2009
Xerver HTTP Server 4.32 Remote Denial of Service Vulnerability18-09-2009
Xerver HTTP Server 4.32 XSS - Directory Traversal Vulnerabilities18-09-2009
FanUpdate 2.2.1 (show-cat.php listingid) SQL Injection Vuln18-09-2009
Zainu (album_id) Remote SQL Injection Vulnerability18-09-2009
ClearSite 4.50 (cs_base_path) Remote File Inclusion Vulnerability18-09-2009
Xerver HTTP Server 4.32 Remote Denial of Service Vulnerability18-09-2009
FSphp 0.2.1 Multiple Remote File Inclusion Vulnerabilities18-09-2009
Joomla Component com_jreservation 1.5 (pid) Blind SQL Injection Exploit17-09-2009
OpenSiteAdmin 0.9.7b (pageHeader.php path) RFI Vulnerability17-09-2009
Changetrack 4.3-3 Local Privilege Escalation Vulnerability17-09-2009
CF Shopkart 5.3x (itemid) Remote SQL Injection Vulnerability17-09-2009
FMyClone 2.3 Multiple SQL Injection Vulnerabilities17-09-2009
Nephp Publisher Enterprise 4.5 (Auth Bypass) SQL Injection Vulnerability17-09-2009
Ease Audio Cutter 1.20 (.wav file) Local Crash PoC17-09-2009
Quiksoft EasyMail 6 (AddAttachment) Remote Buffer Overflow Exploit17-09-2009
Joomla Component com_album 1.14 Directory Traversal Vulnerability17-09-2009