BugSearch is an information portal focused on application security, both web-oriented and not. We notify our registered users of security alerts found on the net, warning them as soon as possible about bugs, system flaws, exploits and threats affecting applications, and about possible patches.



Last Advisories
XRayCMS 1.1.1 SQL Injection Vulnerability 06-02-2012
Tube Ace (Adult PHP Tube Script) SQL Injection 06-02-2012
BASE 1.4.5 (base_qry_main.php t_view) SQL Injection Vulnerability 06-02-2012
PDF Viewer Component ActiveX DoS 05-02-2012
GAzie <= 5.20 Cross Site Request Forgery 05-02-2012
Edraw Diagram Component 5 ActiveX buffer overflow DoS 04-02-2012
PHP 5.4.0RC6 64bit Denial of Service 04-02-2012
PHP 5.4SVN-2012-02-03 htmlspecialchars/entities Buffer Overflow 03-02-2012
torrent-stats httpd.c Denial of Service 03-02-2012
Icona SpA C6 Messenger DownloaderActiveX Control Arbitrary File Download and Execute - [CVE: 2008-2551] 02-02-2012
Sunway Forcecontrol SNMP NetDBServer.exe Opcode 0x57 02-02-2012
NetSarang Xlpd Printer Daemon 4 Denial of Service Vulnerability 02-02-2012
OfficeSIP Server 3.1 Denial Of Service Vulnerability 02-02-2012
Apache Struts Multiple Persistent Cross-Site Scripting Vulnerabilities 02-02-2012
Sphinix Mobile Web Server 3.1.2.47 Multiple Persistent XSS Vulnerabilities 02-02-2012
OSCommerce v3.0.2 - Persistent Cross Site Vulnerability 02-02-2012
Achievo v1.4.3 - Multiple Web Vulnerabilities 02-02-2012
SiT! Support Incident Tracker 3.64 Multiple Vulnerabilities 01-02-2012
swDesk Multiple Vulnerabilities 01-02-2012
MailEnable Webmail Cross-Site Scripting Vulnerability - [CVE: 2012-0389] 01-02-2012
Webkit normalize bug for android 2.2 (CVE-2010-1759) - [CVE: 2010-1759] 01-02-2012
Ez Album Blind SQL Injection Vulnerability 31-01-2012
Adobe Flash Player MP4 SequenceParameterSetNALUnit Remote Code Execution Exploit - [CVE: 2011-2140] 31-01-2012
sudo 1.8.0 - 1.8.3p1 Format String Vulnerability 31-01-2012
phpShowtime Directory Traversal 31-01-2012
Snort Report <= 1.3.2 SQL Injection Vulnerability 31-01-2012
Apache httpOnly Cookie Disclosure - [CVE: 2012-0053] 31-01-2012
Vastal I-Tech Agent Zone (search.php) Blind SQL Injection Vulnerability 31-01-2012
EdrawSoft Office Viewer Component ActiveX 5.6 (officeviewermme.ocx) BoF PoC 31-01-2012
PragmaMX 1.2.10 Persistent XSS Vulnerability 31-01-2012