BugSearch is an information portal focused on applications security, web oriented and not. We offer our services to disclose our registered users on security alerts found on the net, in order to warn them as soon as possible on bugs, system flaws, exploits and threats afflicting applications and possible patches.

New Feature: Post New Exploit

Register now to start receiving our security alerts of your favourite applications or try our new Android App which will keep you updated everywhere you are!


Last Advisories
4images <= 1.7.7 Filter Bypass HTML Injection-XSS Vulnerability12-06-2009
Campus Virtual-LMS (XSS-SQL Injection) Multiple Remote Vulnerabilities12-06-2009
Green Dam 3.17 (URL) Remote Buffer Overflow Exploit (xp-sp2)12-06-2009
phpWebThings <= 1.5.2 MD5 Hash Retrieve-File Disclosure Exploit12-06-2009
Apple iTunes 8.1.1.10 (itms-itcp) Remote Buffer Overflow Exploit (win)12-06-2009
Zip Store Chat 4.0-5.0 (Auth Bypass) SQL Injection Vulnerability12-06-2009
Pivot 1.40.4-7 Multiple Remote Vulnerabilities12-06-2009
TBDev 01-01-2008 Multiple Remote Vulnerabilities12-06-2009
TransLucid 1.75 Multiple Remote Vulnerabilities12-06-2009
Uebimiau Web-Mail <= v3.2.0-1.8 Remote File - Overwrite Vulnerabilities12-06-2009
WordPress Plugin FireStats <= 1.6.1(fs_javascript) RFI Vulnerability12-06-2009
Yogurt 0.3 (XSS-SQL Injection) Multiple Remote Vulnerabilities11-06-2009
Sniggabo CMS (article.php id) Remote SQL Injection Exploit11-06-2009
ModSecurity <= 2.5.9 (Core Rules <= 2.5-1.6.1) Filter Bypass Vuln11-06-2009
TorrentVolve 1.4 (deleteTorrent) Delete Arbitrary File Vulnerability11-06-2009
phpWebThings <= 1.5.2 (help.php module) Local File Inclusion Vuln11-06-2009
Splog <= 1.2 Beta Multiple Remote SQL Injection Vulnerabilities11-06-2009
Desi Short URL Script (Auth Bypass) Insecure Cookie Handling Vuln10-06-2009
MRCGIGUY FreeTicket (CH-SQL) Multiple Remote Vulnerabilities10-06-2009
LightNEasy sql-no-db <= 2.2.x system Config Disclosure Exploit10-06-2009
School Data Navigator (page) Local-Remote File Inclusion Vulnerability10-06-2009
Desi Short URL Script (Auth Bypass) Insecure Cookie Handling Vulnerability10-06-2009
DX Studio Player < 3.0.29.1 Firefox plug-in Command Injection Vuln10-06-2009
Open Biller 0.1 (username) Blind SQL Injection Exploit10-06-2009
MRCGIGUY The Ticket System 2.0 PHP Multiple Remote Vulnerabilities09-06-2009
MRCGIGUY Hot Links (report.php id) Remote SQL Injection Vulnerability09-06-2009
Joomla Component com_realestatemanager 1.0 RFI Vulnerability09-06-2009
Joomla Component com_vehiclemanager 1.0 RFI Vulnerability09-06-2009
phpMyAdmin (-scripts-setup.php) PHP Code Injection Exploit09-06-2009
S-CMS <= 2.0b3 Multiple Local File Inclusion Vulnerabilities09-06-2009