BugSearch is an information portal focused on applications security, web oriented and not. We offer our services to disclose our registered users on security alerts found on the net, in order to warn them as soon as possible on bugs, system flaws, exploits and threats afflicting applications and possible patches.

New Feature: Post New Exploit

Register now to start receiving our security alerts of your favourite applications or try our new Android App which will keep you updated everywhere you are!


Last Advisories
Wordpress Plugin UserPro < 4.9.21 - User Registration Privilege Escalation07-01-2019
MyT Project Management 1.5.1 - 'Charge' SQL Injection07-01-2019
Roxy Fileman 1.4.5 - Unrestricted File Upload / Directory Traversal07-01-2019
PLC Wireless Router GPN2.4P21-C-CN - Cross-Site Scripting07-01-2019
LayerBB 1.1.1 - Persistent Cross-Site Scripting07-01-2019
All in One Video Downloader 1.2 - Authenticated SQL Injection07-01-2019
MyBB OUGC Awards Plugin 1.8.3 - Persistent Cross-Site Scripting07-01-2019
Microsoft Edge 44.17763.1.0 - NULL Pointer Dereference07-01-2019
Embed Video Scripts - Persistent Cross-Site Scripting07-01-2019
Mailcleaner - Authenticated Remote Code Execution (Metasploit)07-01-2019
WebKit JSC - 'AbstractValue::set' Use-After-Free02-01-2019
Hashicorp Consul - Remote Command Execution via Services API (Metasploit)02-01-2019
Hashicorp Consul - Remote Command Execution via Rexec (Metasploit)02-01-2019
WebKit JSC - 'JSArray::shiftCountWithArrayStorage' Out-of-Bounds Read/Write02-01-2019
Ayukov NFTP FTP Client 2.0 - Buffer Overflow02-01-2019
EZ CD Audio Converter 8.0.7 - Denial of Service (PoC)02-01-2019
NetworkSleuth 3.0.0.0 - 'Key' Denial of Service (PoC)02-01-2019
Microsoft Windows - Windows Error Reporting Local Privilege Escalation02-01-2019
Frog CMS 0.9.5 - Cross-Site Scripting02-01-2019
WordPress Plugin Adicon Server 1.2 - 'selectedPlace' SQL Injection02-01-2019
Vtiger CRM 7.1.0 - Remote Code Execution02-01-2019
NBMonitor Network Bandwidth Monitor 1.6.5.0 - 'Name' Denial of Service (PoC)02-01-2019
WordPress Plugin Baggage Freight Shipping Australia 0.1.0 - Arbitrary File Upload27-12-2018
NetShareWatcher 1.5.8 - Denial of Service (PoC)27-12-2018
ShareAlarmPro 2.1.4 - Denial of Service (PoC)27-12-2018
bludit Pages Editor 3.0.0 - Arbitrary File Upload27-12-2018
Terminal Services Manager 3.1 - Local Buffer Overflow (SEH)27-12-2018
Iperius Backup 5.8.1 - Buffer Overflow (SEH)27-12-2018
Product Key Explorer 4.0.9 - Denial of Service (PoC)27-12-2018
MAGIX Music Editor 3.1 - Buffer Overflow (SEH)27-12-2018