BugSearch is an information portal focused on application security, web-oriented and otherwise. We notify our registered users of security alerts found on the net, in order to warn them as soon as possible about bugs, system flaws, exploits and threats affecting applications, and about possible patches.

Register now to start receiving our security alerts for your favourite applications, or try our new Android App, which will keep you updated wherever you are!


Last Advisories
eXtplorer v2.1 Arbitrary File Upload Vulnerability 10-01-2013
Colloquy 1.3.5 and 1.3.6 Denial of Service Vulnerability 10-01-2013
WordPress gallery-3.8.3 plugin Arbitrary File Read Vulnerability 10-01-2013
Internet Explorer 8 Fixed Col Span ID full ASLR & DEP bypass 10-01-2013
WeBid 1.0.6 SQL Injection Vulnerability 09-01-2013
Inmatrix Ltd. Zoom Player 8.5 Crafted JPEG File Exploit 09-01-2013
Watson Management Console 4.11.2.G Directory Traversal Vulnerability 09-01-2013
Free Blog 1.0 Multiple Vulnerabilities 09-01-2013
Websitebaker Add-on Concert Calendar 2.1.4 Multiple Vulnerabilities 09-01-2013
WordPress Plugin Google Document Embedder Arbitrary File Disclosure 08-01-2013
IBM Cognos tm1admsd.exe Overflow Vulnerability 08-01-2013
Advantech WebAccess HMI/SCADA Software Persistence XSS Vulnerability 08-01-2013
E SMS Script Multiple SQL Injection Vulnerabilities 08-01-2013
Ettercap <= 0.7.5.1 Stack Overflow Vulnerability 07-01-2013
Foxit Reader <= 5.4.4.1128 Firefox Plugin npFoxitReaderPlugin.dll Stack Buffer Overflow 07-01-2013
WordPress NextGEN Gallery plugin Cross-Site Scripting Vulnerability 06-01-2013
fronk Cms Sql Injection Vulnerability 06-01-2013
FoxPlayer v2.9.0 Denial of Service Vulnerability 06-01-2013
Nexpose Security Console CSRF Vulnerability 06-01-2013
pfSense 2.0.1 XSS / CSRF / Remote Command Execution 05-01-2013
FoxPlayer v2.9.0 Denial of Service 04-01-2013
Simple Webserver 2.3-rc1 Directory Traversal 04-01-2013
Enterasys NetSight nssyslogd.exe Buffer Overflow 04-01-2013
MyBB Profile Wii Friend Code Multiple Vulnerabilities 04-01-2013
Invision Power Services Invision Gallery 1.0.1 Multiple SQL Injection Vulnerabilities 03-01-2013
WordPress Plugin Advanced Custom Fields Remote File Inclusion 03-01-2013
Allied Telesis AT-MCF2000M 3.0.2 Gaining Root Shell Access 03-01-2013
Astium VoIP PBX <= v2.1 build 25399 Remote Crash PoC 02-01-2013
e107 v1.0.2 CSRF Resulting in SQL Injection 02-01-2013
e107 v1.0.1 CSRF Resulting in Arbitrary Javascript Execution 02-01-2013