BugSearch is an information portal focused on applications security, web oriented and not. We offer our services to disclose our registered users on security alerts found on the net, in order to warn them as soon as possible on bugs, system flaws, exploits and threats afflicting applications and possible patches.

New Feature: Post New Exploit

Register now to start receiving our security alerts of your favourite applications or try our new Android App which will keep you updated everywhere you are!


Last Advisories
Joomla Component com_K2 <= 1.0.1b (category) SQL Injection Vuln29-06-2009
Bopup Communications Server (3.2.26.5460) Remote BOF Exploit (SEH)29-06-2009
osTicket 1.6 RC4 Admin Login Blind SQL Injection Vulnerability29-06-2009
WHOISCART (Auth Bypass) Information Disclosure Vulnerability29-06-2009
Messages Library 2.0 (cat.php CatID) SQL Injection Vulnerability29-06-2009
Newsolved 1.1.6 (login grabber) Multiple SQL Injection Exploit29-06-2009
WordPress Plugin DM Albums 1.9.2 Remote File Inclusion Vuln29-06-2009
DM FileManager 3.9.4 Remote File Inclusion Vulnerability29-06-2009
Mega File Manager 1.0 (index.php page) LFI Vulnerability26-06-2009
PHP-Address Book 4.0.x Multiple SQL Injection Vulnerabilities26-06-2009
ForumPal FE 1.1 (Auth Bypass) Remote SQL Injection Vulnerability26-06-2009
Virtue Online Test Generator (AB-SQL-XSS) Multiple Vulnerabilities26-06-2009
MD-Pro 1.083.x Survey Module (pollID) Blind SQL Injection Vulnerability25-06-2009
MyFusion 6b settings[locale] Local File Inclusion Vulnerability25-06-2009
AlumniServer 1.0.1 (Auth Bypass) SQL Injection Vulnerability25-06-2009
AlumniServer 1.0.1 (resetpwemail) Blind SQL Injection Exploit25-06-2009
Joomla Component com_pinboard (task) SQL Injection Exploit25-06-2009
AN Guestbook 0.7.8 (g_lang) Local File Inclusion Vulnerability24-06-2009
PHPEcho CMS 2.0-rc3 (forum) XSS Cookie Stealing - Blind Vulnerability24-06-2009
LightOpenCMS 0.1 (smarty.php cwd) Local File Inclusion Vulnerability24-06-2009
Tribiq CMS 5.0.12c (XSS-LFI) Multiple Remote Vulnerabilities24-06-2009
Glossword <= 1.8.11 (index.php x) Local File Inclusion Vulnerability24-06-2009
Joomla Component com_pinboard Remote File Upload Vulnerability24-06-2009
BASE <= 1.2.4 (Auth Bypass) Insecure Cookie Handling Vulnerability24-06-2009
Joomla Component com_amocourse (catid) SQL Injection Vuln24-06-2009
phpCollegeExchange 0.1.5c (RFI-LFI-XSS) Multiple Vulnerabilities23-06-2009
HP Data Protector 4.00-SP1b43064 Remote Memory Leak-Dos (meta)23-06-2009
HP Data Protector 4.00-SP1b43064 Remote Memory Leak-Dos Exploit23-06-2009
HP Data Protector 4.00-SP1b43064 Remote Memory Leak-Dos Exploit (meta)23-06-2009
Zen Cart 1.3.8 Remote Code Execution Exploit23-06-2009