BugSearch is an information portal focused on applications security, web oriented and not. We offer our services to disclose our registered users on security alerts found on the net, in order to warn them as soon as possible on bugs, system flaws, exploits and threats afflicting applications and possible patches.

New Feature: Post New Exploit

Register now to start receiving our security alerts of your favourite applications or try our new Android App which will keep you updated everywhere you are!

Last Advisories
Online Test Script 2.0.7 - 'cid' SQL Injection07-02-2018
Multilanguage Real Estate MLM Script - Persistent Cross-Site Scripting07-02-2018
Cisco ASA - Crash PoC07-02-2018
Asterisk 13.17.2 - 'chan_skinny' Remote Memory Corruption07-02-2018
Naukri Clone Script - Persistent Cross-Site Scripting07-02-2018
Doctor Search Script 1.0.2 - Persistent Cross-Site Scripting07-02-2018
MalwareFox AntiMalware - Privilege Escalation07-02-2018
Adobe Coldfusion - BlazeDS Java Object Deserialization Remote Code Execution07-02-2018
Hot Scripts Clone Script Classified - Persistent Cross-Site Scripting07-02-2018
Marked2 - Local File Disclosure06-02-2018
Netis WF2419 Router - Cross-Site Scripting05-02-2018
Student Profile Management System Script 2.0.6 - Authentication Bypass05-02-2018
Joomla! Component JSP Tickets 1.1 - SQL Injection05-02-2018
BOCHS 2.6-5 - Buffer Overflow05-02-2018
Joomla! Component jLike 1.0 - Information Leak05-02-2018
Joomla! Component Zh GoogleMap - SQL Injection05-02-2018
Joomla! Component Zh BaiduMap - SQL Injection05-02-2018
MalwareFox AntiMalware - Privilege Escalation05-02-2018
Joomla! Component Zh YandexMap - 'id' SQL Injection05-02-2018
Apport/ABRT - 'chroot' Local Privilege Escalation (Metasploit)05-02-2018
Claymore Dual GPU Miner 10.5 - Format String05-02-2018
Windows - 'EternalRomance'/'EternalSynergy'/'EternalChampion' SMB Remote Code Execution (Metasploit) (MS17-010)05-02-2018
WordPress Core - 'load-scripts.php' Denial of Service05-02-2018
HPE iLO4 < 2.53 - Add New Administrator User05-02-2018
NixCMS 1.0 - 'category_id' SQL Injection05-02-2018
Online Voting System - Authentication Bypass05-02-2018
Wonder CMS 2.3.1 - 'Host' Header Injection05-02-2018
Wonder CMS 2.3.1 - Unrestricted File Upload05-02-2018
Matrimonial Website Script 2.1.6 - 'uid' SQL Injection05-02-2018
Microsoft Windows Subsystem for Linux - Privilege Escalation02-02-2018