BugSearch is an information portal focused on applications security, web oriented and not. We offer our services to disclose our registered users on security alerts found on the net, in order to warn them as soon as possible on bugs, system flaws, exploits and threats afflicting applications and possible patches.

New Feature: Post New Exploit

Register now to start receiving our security alerts of your favourite applications or try our new Android App which will keep you updated everywhere you are!


Last Advisories
Firefox 3.6.16 OBJECT mChannel Remote Code Execution Exploit (DEP bypass) - [CVE: 2011-0065] 05-08-2011
HP Data Protector Remote Shell for HPUX - [CVE: 2011-0923] 05-08-2011
WP E-commerce plugin <= 3.8.4 SQL Injection Exploit 05-08-2011
OpenSLP Denial of Service Exploit 05-08-2011
FreeAmp 2.0.7 .fat Buffer Overflow Exploit (MSF) 04-08-2011
DZYGroup CMS Portal Multiple SQL Injection Vulnerabilities 04-08-2011
ABBS Electronic Flashcards v2.1 Buffer Overflow Exploit (MSF) 04-08-2011
ABBS Audio Media Player v3.0 Buffer Overflow Exploit (MSF) 04-08-2011
WordPress TimThumb Plugin - Remote Code Execution 03-08-2011
Omnicom Alpha 4.0e LPD Server DoS 03-08-2011
Zinf Audio Player v2.2.1 PLS File Buffer Overflow Vulnerability (DEP BYPASS) - [CVE: 2004-0964] 03-08-2011
Joomla Component (com_jdirectory) SQL Injection Vulnerability 03-08-2011
SiteGenius Blind SQL injection Vulnerability 02-08-2011
MyBB MyTabs (plugin) 0day SQL injection vulnerability 02-08-2011
CA Arcserve D2D GWT RPC Credential Information Disclosure 02-08-2011
Report: Zoneminder 1.24.3 Remote File Inclusion Vulnerability 01-08-2011
CMSPro! 2.08 CSRF Vulnerability 01-08-2011
Joomla Component (com_obSuggest) Local File Inclusion Vulnerability 31-07-2011
Actfax FTP Server <= v4.27 USER Command 0day Stack Buffer Overflow (MSF) 31-07-2011
Digital Scribe 1.5 (register_form()) Multiple POST XSS Vulnerabilities 31-07-2011
Link Station Pro Multiple Vulnerabilities 30-07-2011
ManageEngine ServiceDesk Plus 8.0 Build 8013 Multiple XSS Vulnerabilities 29-07-2011
cFTP <= 0.1 (r80) Arbitrary File Upload 29-07-2011
MyWebServer v1.0.3 Denial Of Service 28-07-2011
Joomla 1.5 com_virtuemart <= 1.1.7 Blind time-based SQL Injection (MSF) 28-07-2011
MyWebServer v1.0.3 Arbitrary File Download 28-07-2011
Citrix XenApp / XenDesktop Stack-Based Buffer Overflow 28-07-2011
Citrix XenApp / XenDesktop XML Service Heap Corruption 28-07-2011
MinaliC Webserver v2.0 Remote Source Disclosure 27-07-2011
SWAT Samba Web Administration Tool Cross-Site Request Forgery PoC - [CVE: 2011-2522] 27-07-2011