BugSearch is an information portal focused on applications security, web oriented and not. We offer our services to disclose our registered users on security alerts found on the net, in order to warn them as soon as possible on bugs, system flaws, exploits and threats afflicting applications and possible patches.

New Feature: Post New Exploit

Register now to start receiving our security alerts of your favourite applications or try our new Android App which will keep you updated everywhere you are!


Last Advisories
Opencart 1.1.8 (route) Local File Inclusion Vulnerability27-04-2009
Zoom Player Pro v.3.30 .m3u File Buffer Overflow Exploit (seh)27-04-2009
Icewarp Merak Mail Server 9.4.1 Base64FileEncode() BOF PoC27-04-2009
LightBlog <= 9.9.2 (register.php) Remote Code Execution Exploit27-04-2009
iodined <= 0.4.2-2 (forged DNS packet) Denial of Service Exploit27-04-2009
DEW-NEWphpLinks 2.0 (LFI-XSS) Multiple Remote Vulnerabilities27-04-2009
Thickbox Gallery v2 (index.php ln) Local File Inclusion Vulnerability27-04-2009
EZ-Blog Beta2 (category) Remote SQL Injection Vulnerability27-04-2009
ECShop 2.5.0 (order_sn) Remote SQL Injection Vulnerability27-04-2009
Flatchat 3.0 (pmscript.php with) Local File Inclusion Vulnerability27-04-2009
SDP Downloader v2.3.0 (.ASX File) Local Heap Overflow PoC24-04-2009
Photo-Rigma.BiZ v30 (SQL-XSS) Multiple Remote Vulnerabilities24-04-2009
Pragyan CMS 2.6.4 Multiple SQL Injection Vulnerabilities24-04-2009
Absolute Form Processor XE-V 1.5 (auth Bypass) SQL Injection Vuln24-04-2009
Absolute Form Processor XE-V 1.5 Insecure Cookie Handling Vuln24-04-2009
Absolute Form Processor XE-V 1.5 Remote Change Pasword Exploit24-04-2009
CoolPlayer Portable 2.19.1 (Skin) Buffer Overflow Exploit23-04-2009
Home Web Server <= r1.7.1 (build 147) Gui Thread-Memory Corruption23-04-2009
Dream FTP Server 1.02 (users.dat) Arbitrary File Disclosure Exploit23-04-2009
Popcorn 1.87 Remote Heap Overflow Exploit PoC23-04-2009
Norton Ghost Support module for EasySetup wizard Remote DoS PoC23-04-2009
FOWLCMS 1.1 (AB-LFI-SU) Multiple Remote Vulnerabilities23-04-2009
Femitter FTP Server 1.03 Arbitrary File Disclosure Exploit22-04-2009
elkagroup Image Gallery 1.0 Arbitrary File Upload Vulnerability22-04-2009
5 star Rating 1.2 (Auth Bypass) SQL Injection Vulnerability22-04-2009
WebPortal CMS 0.8b Multiple Remote-Local File Inclusion Vulnerabilities22-04-2009
Joomla Component rsmonials Remote Cross Site Scxripting Exploit22-04-2009
Xitami Web Server <= 5.0 Remote Denial of Service Exploit22-04-2009
Counter Strike Source ManiAdminPlugin v2 Remote Crash Exploit22-04-2009
Dokeos LMS <= 1.8.5 (include) Remote Code Execution Exploit22-04-2009