BugSearch is an information portal focused on applications security, web oriented and not. We offer our services to disclose our registered users on security alerts found on the net, in order to warn them as soon as possible on bugs, system flaws, exploits and threats afflicting applications and possible patches.

New Feature: Post New Exploit

Register now to start receiving our security alerts of your favourite applications or try our new Android App which will keep you updated everywhere you are!


Last Advisories
Advanced Host Monitor 11.92 beta - Local Buffer Overflow19-03-2019
Netartmedia Event Portal 2.0 - 'Email' SQL Injection19-03-2019
Gila CMS 1.9.1 - Cross-Site Scripting19-03-2019
Netartmedia PHP Mall 4.1 - SQL Injection19-03-2019
WinAVI iPod/3GP/MP4/PSP Converter 4.4.2 - Denial of Service18-03-2019
WinMPG Video Convert 9.3.5 - Denial of Service18-03-2019
TheCarProject 2 - Multiple SQL Injection18-03-2019
BMC Patrol Agent - Privilege Escalation Code Execution Execution (Metasploit)18-03-2019
Laundry CMS - Multiple Vulnerabilities15-03-2019
Moodle 3.4.1 - Remote Code Execution15-03-2019
NetData 1.13.0 - HTML Injection15-03-2019
Vembu Storegrid Web Interface 4.4.0 - Multiple Vulnerabilities15-03-2019
ICE HRM 23.0 - Multiple Vulnerabilities15-03-2019
CMS Made Simple Showtime2 Module 3.6.2 - Authenticated Arbitrary File Upload15-03-2019
Mail Carrier 2.5.1 - 'MAIL FROM' Buffer Overflow15-03-2019
Apache UNO / LibreOffice Version: 6.1.2 / OpenOffice 4.1.6 API - Remote Code Execution14-03-2019
FTPGetter Standard 5.97.0.177 - Remote Code Execution14-03-2019
Pegasus CMS 1.0 - 'extra_fields.php' Plugin Remote Code Execution14-03-2019
Intel Modular Server System 10.18 - Cross-Site Request Forgery (Change Admin Password)14-03-2019
Core FTP Server FTP / SFTP Server v2 Build 674 - 'MDTM' Directory Traversal13-03-2019
Microsoft Windows - .reg File / Dialog Box Message Spoofing13-03-2019
WordPress Plugin GraceMedia Media Player 1.0 - Local File Inclusion13-03-2019
Core FTP Server FTP / SFTP Server v2 Build 674 - 'SIZE' Directory Traversal13-03-2019
elFinder PHP Connector < 2.1.48 - exiftran Command Injection (Metasploit)13-03-2019
Apache Tika-server < 1.18 - Command Injection13-03-2019
pfSense 2.4.4-p1 (HAProxy Package 0.59_14) - Persistent Cross-Site Scripting13-03-2019
PilusCart 1.4.1 - Cross-Site Request Forgery (Add Admin)12-03-2019
Core FTP 2.0 build 653 - 'PBSZ' Denial of Service (PoC)12-03-2019
PRTG Network Monitor 18.2.38 - Authenticated Remote Code Execution11-03-2019
OpenKM 6.3.2 < 6.3.7 - Remote Command Execution (Metasploit)11-03-2019