BugSearch is an information portal focused on applications security, web oriented and not. We offer our services to disclose our registered users on security alerts found on the net, in order to warn them as soon as possible on bugs, system flaws, exploits and threats afflicting applications and possible patches.

New Feature: Post New Exploit

Register now to start receiving our security alerts of your favourite applications or try our new Android App which will keep you updated everywhere you are!


Last Advisories
NAT32 2.2 Build 22284 - Remote Command Execution14-02-2018
News Website Script 2.0.4 - 'search' SQL Injection13-02-2018
TypeSetter CMS 5.1 - Cross-Site Request Forgery13-02-2018
TypeSetter CMS 5.1 - 'Host' Header Injection13-02-2018
Advantech WebAccess 8.3.0 - Remote Code Execution13-02-2018
CloudMe Sync < 1.11.0 - Buffer Overflow13-02-2018
reserved by SOFTMAN Admin panel bypass12-02-2018
Developed by: EDCP login.asp bypass12-02-2018
Juju-run Agent - Privilege Escalation (Metasploit)12-02-2018
glibc - LD_AUDIT Arbitrary DSO Load Privilege Escalation (Metasploit)12-02-2018
glibc - '$ORIGIN' Expansion Privilege Escalation (Metasploit)12-02-2018
LogicalDOC Enterprise 7.7.4 - Root Remote Code Execution12-02-2018
web design by weio Admin panel bypass12-02-2018
LogicalDOC Enterprise 7.7.4 - Directory Traversal12-02-2018
LogicalDOC Enterprise 7.7.4 - User Enumeration12-02-2018
Paypal Clone Script 1.0.9 - 'id' / 'acctype' SQL Injection11-02-2018
Readymade Video Sharing Script 3.2 - 'search' SQL Injection11-02-2018
Select Your College Script 2.0.2 - Authentication Bypass10-02-2018
Multi religion Responsive Matrimonial 4.7.2 - Cross-Site Scripting10-02-2018
Lawyer Search Script 1.0.2 - Cross-Site Scripting10-02-2018
Multi Language Olx Clone Script - Cross-Site Scripting10-02-2018
Bitcoin MLM Software 1.0.2 - Cross-Site Scripting10-02-2018
Schools Alert Management Script 2.0.2 - Arbitrary File Upload10-02-2018
Facebook Clone Script 1.0.5 - Cross-Site Scripting10-02-2018
JBoss 4.2.x/4.3.x - Information Disclosure10-02-2018
LibreOffice < 6.0.1 - '=WEBSERVICE' Remote Arbitrary File Disclosure10-02-2018
Naukri Clone Script 3.0.3 - 'indus' SQL Injection10-02-2018
macOS Kernel - Use-After-Free Due to Lack of Locking in 'AppleEmbeddedOSSupportHostClient::registerNotificationPort'09-02-2018
Android - 'getpidcon' Permission Bypass in KeyStore Service07-02-2018
Entrepreneur Dating Script 2.0.2 - Authentication Bypass07-02-2018