BugSearch is an information portal focused on applications security, web oriented and not. We offer our services to disclose our registered users on security alerts found on the net, in order to warn them as soon as possible on bugs, system flaws, exploits and threats afflicting applications and possible patches.

New Feature: Post New Exploit

Register now to start receiving our security alerts of your favourite applications or try our new Android App which will keep you updated everywhere you are!


Last Advisories
phpMyAdmin 4.8.4 - 'AllowArbitraryServer' Arbitrary File Read15-12-2018
UltraISO 9.7.1.3519 - 'Output FileName' Denial of Service (PoC)14-12-2018
Double Your Bitcoin Script Automatic - Authentication Bypass14-12-2018
Facebook And Google Reviews System For Businesses 1.1 - Remote Code Execution14-12-2018
Facebook And Google Reviews System For Businesses 1.1 - SQL Injection14-12-2018
Fortify Software Security Center (SSC) 17.10/17.20/18.10 - Information Disclosure14-12-2018
Fortify Software Security Center (SSC) 17.10/17.20/18.10 - Information Disclosure (2)14-12-2018
Angry IP Scanner 3.5.3 - Denial of Service (PoC)14-12-2018
Facebook And Google Reviews System For Businesses - Cross-Site Request Forgery (Change Admin Password)14-12-2018
Huawei Router HG532e - Command Execution14-12-2018
Responsive FileManager 9.13.4 - Multiple Vulnerabilities14-12-2018
Zortam MP3 Media Studio 24.15 - Local Buffer Overflow (SEH)14-12-2018
Cisco RV110W - Password Disclosure / Command Execution14-12-2018
Safari - Proxy Object Type Confusion (Metasploit)14-12-2018
Linux - 'userfaultfd' Bypasses tmpfs File Permissions13-12-2018
CyberLink LabelPrint 2.5 - Stack Buffer Overflow (Metasploit)13-12-2018
WebKit JIT - Int32/Double Arrays can have Proxy Objects in the Prototype Chains13-12-2018
HotelDruid 2.3.0 - 'id_utente_mod' SQL Injection11-12-2018
Apache OFBiz 16.11.05 - Cross-Site Scripting11-12-2018
Adobe ColdFusion 2018 - Arbitrary File Upload11-12-2018
Linux/x86 - Bind (1337/TCP) Ncat (/usr/bin/ncat) Shell (/bin/bash) + Null-Free Shellcode (95 bytes)11-12-2018
DomainMOD 4.11.01 - Cross-Site Scripting11-12-2018
PrinterOn Enterprise 4.1.4 - Arbitrary File Deletion11-12-2018
ThinkPHP 5.0.23/5.1.31 - Remote Code Execution11-12-2018
Tourism Website Blog - Remote Code Execution / SQL Injection11-12-2018
PrestaShop 1.6.x/1.7.x - Remote Code Execution11-12-2018
LanSpy 2.0.1.159 - Local Buffer Overflow (PoC)11-12-2018
TP-Link wireless router Archer C1200 - Cross-Site Scripting11-12-2018
ZTE ZXHN H168N - Improper Access Restrictions11-12-2018
Huawei B315s-22 - Information Leak11-12-2018