BugSearch is an information portal focused on applications security, web oriented and not. We offer our services to disclose our registered users on security alerts found on the net, in order to warn them as soon as possible on bugs, system flaws, exploits and threats afflicting applications and possible patches.

New Feature: Post New Exploit

Register now to start receiving our security alerts of your favourite applications or try our new Android App which will keep you updated everywhere you are!


Last Advisories
Directadmin ControlPanel 1.50.1 (Message System) Xss Vulnerability17-01-2017
My Private Tutor Website Script - Authentication Bypass 13-01-2017
Hindu Matrimonial Script - Authentication Bypass 13-01-2017
Just Dial Marketplace Script - Authentication Bypass 13-01-2017
Entrepreneur Matrimonial Script - Authentication Bypass 13-01-2017
Open Source Real-Estate Script - SQL Injection 13-01-2017
Inout StickBoard 1.0 Script - Improper Access Restrictions 13-01-2017
Inout Search Engine Ultimate Edition 7.0/8.0 Script - Improper Access Restrictions 13-01-2017
Zeroshell 3.6.0/3.7.0 Net Services - Remote Code Execution 13-01-2017
Cisco Firepower Management Console 6.0 - Post Authentication UserAdd 13-01-2017
Mozilla Firefox < 50.1.0 - Use After Free 13-01-2017
Adobe Flash Player 24.0.0.186 - 'ActionGetURL2' Out-of-Bounds Memory Corruption 11-01-2017
DiskBoss Enterprise 7.5.12 - 'POST' Buffer Overflow (SEH) 10-01-2017
Starting Page 1.3 - SQL Injection 10-01-2017
WordPress Plugin WP Support Plus Responsive Ticket System 7.1.3 - Privilege Escalation 10-01-2017
FMyLife Clone Script (Pro Edition) 1.1 - Cross-Site Request Forgery (Add Admin) 10-01-2017
Directadmin ControlPanel 1.50.1 Cross-Site-Scripting Vulnerability09-01-2017
My PHP Dating 2.0 - 'path' Parameter SQL Injection 09-01-2017
My PHP Dating 2.0 - 'id' Parameter SQL Injection 09-01-2017
Friends in War Make or Break 1.7 - 'imgid' Parameter SQL Injection 09-01-2017
Brave Browser 1.2.16/1.9.56 - Address Bar URL Spoofing 08-01-2017
Advanced Desktop Locker 6.0.0 - Lock Screen Bypass 08-01-2017
Directadmin ControlPanel 1.50.1 denial of service Vulnerability07-01-2017
Google Android max86902 Driver - 'sysfs' Interfaces Race Condition 06-01-2017
Microsoft Edge (Windows 10) - 'chakra.dll' Info Leak / Type Confusion Remote Code Execution 05-01-2017
Kaspersky 17.0.0 - Local CA root Incorrectly Protected 04-01-2017
Atlassian Confluence < 5.10.6 - Persistent Cross-Site Scripting 04-01-2017
PDfAdd 1.2 - DLL Hijacking Vulnerability03-01-2017
My Click Counter 1.0 - Authentication Bypass 03-01-2017
Internet Download Accelerator 6.10.1.1527 - FTP Buffer Overflow (SEH) 02-01-2017