BugSearch is an information portal focused on applications security, web oriented and not. We offer our services to disclose our registered users on security alerts found on the net, in order to warn them as soon as possible on bugs, system flaws, exploits and threats afflicting applications and possible patches.

New Feature: Post New Exploit

Register now to start receiving our security alerts of your favourite applications or try our new Android App which will keep you updated everywhere you are!


Last Advisories
Sync Breeze Enterprise 9.5.16 - 'GET' Buffer Overflow (SEH) 29-03-2017
DiskBoss Enterprise 7.8.16 - 'Import Command' Buffer Overflow 29-03-2017
Disk Sorter Enterprise 9.5.12 - 'Import Command' Buffer Overflow 29-03-2017
Sync Breeze Enterprise 9.5.16 - 'Import Command' Buffer Overflow 29-03-2017
Opensource Classified Ads Script - 'keyword' Parameter SQL Injection 29-03-2017
Linux/x86 - execve(/bin/sh") Shellcode (19 bytes) 29-03-2017
Microsoft Outlook - HTML Email Denial of Service 28-03-2017
VX Search Enterprise 9.5.12 - 'Verify Email' Buffer Overflow 28-03-2017
Intermec PM43 Industrial Printer - Privilege Escalation 28-03-2017
DzSoft PHP Editor 4.2.7 - File Enumeration 28-03-2017
Internet Information Services (IIS) 6.0 WebDAV - 'ScStoragePathFromUrl' Buffer Overflow 27-03-2017
Disk Sorter Enterprise 9.5.12 - Local Buffer Overflow 27-03-2017
CouponPHP CMS 3.1 - 'code' Parameter SQL Injection 27-03-2017
Professional Bus Booking Script - 'hid_Busid' Parameter SQL Injection 27-03-2017
Samba 4.5.2 - Symlink Race Permits Opening Files Outside Share Directory 27-03-2017
Apple Safari - Out-of-Bounds Read when Calling Bound Function 27-03-2017
Github Enterprise - Default Session Secret And Deserialization (Metasploit) 27-03-2017
Apple Safari - Builtin JavaScript Allows Function.caller to be Used in Strict Mode 27-03-2017
Apple Safari - 'DateTimeFormat.format' Type Confusion 27-03-2017
QNAP QTS < 4.2.4 - Domain Privilege Escalation 27-03-2017
Delux Same Day Delivery Script 1.0 - SQL Injection 26-03-2017
B2B Marketplace Script 2.0 - SQL Injection 26-03-2017
Hotel Booking Script 1.0 - SQL Injection 26-03-2017
Tour Package Booking 1.0 - SQL Injection 26-03-2017
Alibaba Clone Script - SQL Injection 26-03-2017
Parcel Delivery Booking Script 1.0 - SQL Injection 26-03-2017
Php Real Estate Property Script - SQL Injection 26-03-2017
Courier Tracking Software 6.0 - SQL Injection 26-03-2017
Forticlient 5.2.3 Windows 10 x64 (Pre Anniversary) - Privilege Escalation 25-03-2017
Forticlient 5.2.3 Windows 10 x64 (Post Anniversary) - Privilege Escalation 25-03-2017