BugSearch is an information portal focused on applications security, web oriented and not. We offer our services to disclose our registered users on security alerts found on the net, in order to warn them as soon as possible on bugs, system flaws, exploits and threats afflicting applications and possible patches.

New Feature: Post New Exploit

Register now to start receiving our security alerts of your favourite applications or try our new Android App which will keep you updated everywhere you are!

Last Advisories
McAfee True Key - McAfee.TrueKey.Service Privilege Escalation11-12-2018
HotelDruid 2.3.0 - 'id_utente_mod' SQL Injection11-12-2018
Linux/x86 - Bind (1337/TCP) Ncat (/usr/bin/ncat) Shell (/bin/bash) + Null-Free Shellcode (95 bytes)11-12-2018
Huawei B315s-22 - Information Leak11-12-2018
LanSpy - Local Buffer Overflow (PoC)11-12-2018
SmartFTP Client 9.0.2623.0 - Denial of Service (PoC)11-12-2018
DomainMOD 4.11.01 - Cross-Site Scripting11-12-2018
ThinkPHP 5.0.23/5.1.31 - Remote Code Execution11-12-2018
Apache OFBiz 16.11.05 - Cross-Site Scripting11-12-2018
WordPress Plugin AutoSuggest 0.24 - 'wpas_keys' SQL Injection11-12-2018
ZTE ZXHN H168N - Improper Access Restrictions11-12-2018
Adobe ColdFusion 2018 - Arbitrary File Upload11-12-2018
XNU - POSIX Shared Memory Mappings have Incorrect Maximum Protection11-12-2018
PrinterOn Enterprise 4.1.4 - Arbitrary File Deletion11-12-2018
Alumni Tracer SMS Notification - SQL Injection / Cross-Site Request Forgery11-12-2018
TP-Link wireless router Archer C1200 - Cross-Site Scripting11-12-2018
PrestaShop 1.6.x/1.7.x - Remote Code Execution11-12-2018
Kubernetes - (Unauthenticated) Arbitrary Requests10-12-2018
Kubernetes - (Authenticated) Arbitrary Requests10-12-2018
Textpad 8.1.2 - Denial Of Service (PoC)09-12-2018
DomainMOD 4.11.01 - 'DisplayName' Cross-Site Scripting09-12-2018
i-doit CMDB 1.11.2 - Remote Code Execution09-12-2018
Adiscon LogAnalyzer < 4.1.7 - Cross-Site Scripting09-12-2018
HasanMWB 1.0 - SQL Injection05-12-2018
DomainMOD 4.11.01 - Owner name Field Cross-Site Scripting04-12-2018
Xorg X11 Server (AIX) - Local Privilege Escalation04-12-2018
Microsoft Lync for Mac 2011 - Injection Forced Browsing/Download04-12-2018
OpenSSH < 7.7 - User Enumeration (2)04-12-2018
Linux/x86 - /usr/bin/head -n99 cat etc/passwd Shellcode (61 Bytes)04-12-2018
KeyBase Botnet 1.5 - SQL Injection04-12-2018