BugSearch is an information portal focused on application security, web-oriented and otherwise. We notify our registered users of security alerts found on the net, in order to warn them as soon as possible about bugs, system flaws, exploits and threats affecting applications, and about possible patches.


Last Advisories
Snom IP Phone Web Interface Multiple Vulnerabilities 26-04-2011
WordPress SermonBrowser Plugin 0.43 SQL Injection 26-04-2011
eZip Wizard 3.0 Stack Buffer Overflow - [CVE: 2009-1028] 26-04-2011
phpMyChat Plus 1.93 Multiple Vulnerabilities 25-04-2011
OrangeHRM 2.6.3 (PluginController.php) Local File Inclusion Vulnerability 25-04-2011
mySeatXT 0.1781 SQL Injection Vulnerability 25-04-2011
SoftMP3 SQL Injection Vulnerability 24-04-2011
Ajax Category Dropdown Wordpress Plugin 0.1.5 Multiple Vulnerabilities 22-04-2011
Realmarketing CMS Multiple SQL Injection Vulnerabilities 22-04-2011
4images 1.7.9 Multiple Vulnerabilities 22-04-2011
DynMedia Pro Web CMS 4.0 Local File Disclosure 22-04-2011
PHP phar extension 1.1.1 Heap Overflow 22-04-2011
Web2Project 2.3 SQL Injection Vulnerability 22-04-2011
Dolibarr ERP/CRM 3.0.0 Multiple Vulnerabilities 22-04-2011
ZenPhoto 1.4.0.3 x-forwarded-for HTTP Header persistent XSS 22-04-2011
Spreecommerce < 0.50.0 Arbitrary Command Execution 22-04-2011
360 Web Manager 3.0 Multiple vulnerabilities 22-04-2011
First Escort Marketing CMS Multiple SQL Injection Vulnerabilities 22-04-2011
Gesytec ElonFmt ActiveX 1.1.14 (ElonFmt.ocx) pid Item Buffer Overflow (SEH) 21-04-2011
Wireshark <= 1.4.4 packet-dect.c Stack Buffer Overflow - [CVE: 2011-1591] 21-04-2011
Linux/x86 - netcat bindshell port 6666 - 69 bytes 21-04-2011
docuFORM Mercury WebApp 6.16a/5.20 Multiple XSS Vulnerabilities 20-04-2011
Ultimate eShop Error Based SQL Injection Vulnerability 20-04-2011
SocialCMS 1.0.2 Multiple CSRF Vulnerabilities 20-04-2011
Dalbum 1.43 Multiple Vulnerabilities 20-04-2011
IBM Tivoli Directory Server SASL Bind Request Remote Code Execution - [CVE: 2011-1206] 19-04-2011
Adobe Flash Player < 10.1.53.64 Action Script Type Confusion Exploit (DEP+ASLR bypass) - [CVE: 2010-3654] 19-04-2011
Wireshark <= 1.4.4 packet-dect.c Stack Buffer Overflow 19-04-2011
Wireshark 1.4.1-1.4.4 SEH Overflow Exploit 18-04-2011
osPHPSite SQL Injection Vulnerability 17-04-2011