BugSearch is an information portal focused on applications security, web oriented and not. We offer our services to disclose our registered users on security alerts found on the net, in order to warn them as soon as possible on bugs, system flaws, exploits and threats afflicting applications and possible patches.

New Feature: Post New Exploit

Register now to start receiving our security alerts of your favourite applications or try our new Android App which will keep you updated everywhere you are!


Last Advisories
CMS Made Simple (CMSMS) Showtime2 - File Upload RCE (Metasploit)28-03-2019
Base64 Decoder 1.1.2 - Local Buffer Overflow (SEH Egghunter)28-03-2019
Jettweb Hazır Rent A Car Scripti V4 - SQL Injection27-03-2019
XooDigital - 'p' SQL Injection26-03-2019
Rukovoditel ERP & CRM 2.4.1 - 'path' Cross-Site Scripting26-03-2019
Firefox < 66.0.1 - 'Array.prototype.slice' Buffer Overflow26-03-2019
SJS Simple Job Script - SQL Injection / Cross-Site Scripting26-03-2019
Titan FTP Server Version 2019 Build 3505 - Directory Traversal / Local File Inclusion26-03-2019
Microsoft Windows 7/2008 - 'Win32k' Denial of Service (PoC)26-03-2019
Spidermonkey - IonMonkey Type Inference is Incorrect for Constructors Entered via OSR26-03-2019
XooGallery - Multiple SQL Injection26-03-2019
Jettweb Php Hazır İlan Sitesi Scripti V2 - SQL Injection26-03-2019
Zeeways Jobsite CMS - 'id' SQL Injection25-03-2019
Jettweb PHP Hazır Haber Sitesi Scripti V3 - SQL Injection25-03-2019
Jettweb PHP Hazır Haber Sitesi Scripti V1 - SQL Injection25-03-2019
Apache CouchDB 2.3.1 - Cross-Site Request Forgery / Cross-Site Scripting25-03-2019
Jettweb PHP Hazır Haber Sitesi Scripti V2 - SQL Injection (Authentication Bypass)25-03-2019
VMware Workstation 14.1.5 / VMware Player 15.0.2 - Host VMX Process Impersonation Hijack Privilege Escalation25-03-2019
X-NetStat Pro 5.63 - Local Buffer Overflow25-03-2019
VMware Workstation 14.1.5 / VMware Player 15 - Host VMX Process COM Class Hijack Privilege Escalation25-03-2019
Zeeways Matrimony CMS - SQL Injection25-03-2019
snap - seccomp BBlacklist for TIOCSTI can be Circumvented22-03-2019
Inout Article Base CMS - SQL Injection22-03-2019
Meeplace Business Review Script - 'id' SQL Injection22-03-2019
Matri4Web Matrimony Website Script - Multiple SQL Injection22-03-2019
Bootstrapy CMS - Multiple SQL Injection21-03-2019
Canarytokens 2019-03-01 - Detection Bypass21-03-2019
Advanced Host Monitor 11.92 beta - Local Buffer Overflow19-03-2019
MyBB Upcoming Events Plugin 1.32 - Cross-Site Scripting19-03-2019
Gila CMS 1.9.1 - Cross-Site Scripting19-03-2019