BugSearch is an information portal focused on applications security, web oriented and not. We offer our services to disclose our registered users on security alerts found on the net, in order to warn them as soon as possible on bugs, system flaws, exploits and threats afflicting applications and possible patches.

New Feature: Post New Exploit

Register now to start receiving our security alerts of your favourite applications or try our new Android App which will keep you updated everywhere you are!


Last Advisories
Kaltura - Remote PHP Code Execution over Cookie (Metasploit)24-01-2018
GoAhead Web Server - LD_PRELOAD Arbitrary Module Load (Metasploit)24-01-2018
Sync Breeze Enterprise 9.5.16 - Import Command Buffer Overflow (Metasploit)24-01-2018
RAVPower 2.000.056 - Root Remote Code Execution24-01-2018
WordPress Plugin Email Subscribers & Newsletters 3.4.7 - Information Disclosure24-01-2018
Professional Local Directory Script 1.0 - SQL Injection24-01-2018
Affiligator 2.1.0 - SQL Injection23-01-2018
LiveCRM SaaS Cloud 1.0 - SQL Injection23-01-2018
RSVP Invitation Online 1.0 - Cross-Site Request Forgery (Update Admin)23-01-2018
Photography CMS 1.0 - Cross-Site Request Forgery (Add Admin)23-01-2018
Zechat 1.5 - SQL Injection23-01-2018
Easy Car Script 2014 - SQL Injection23-01-2018
Wchat 1.5 - SQL Injection23-01-2018
Tumder 2.1 - SQL Injection23-01-2018
Blizzard Update Agent - JSON RPC DNS Rebinding23-01-2018
Linux/x86 - execve(/bin/sh) + ROT-N + Shift-N + XOR-N Encoded Shellcode (77 bytes)23-01-2018
NEC Univerge SV9100/SV8100 WebPro 10.0 - Configuration Download23-01-2018
HP Connected Backup 8.6/8.8.6 - Local Privilege Escalation23-01-2018
RAVPower 2.000.056 - Memory Disclosure23-01-2018
MixPad 5.00 - Buffer Overflow23-01-2018
CentOS Web Panel 0.9.8.12 - 'row_id' / 'domain' SQL Injection23-01-2018
Quickad 4.0 - SQL Injection23-01-2018
Flexible Poll 1.2 - SQL Injection23-01-2018
Herospeed - 'TelnetSwitch' Remote Stack Overflow / Overwrite Password / Enable TelnetD22-01-2018
AsusWRT Router < 3.0.0.4.380.7743 - Unauthenticated LAN Remote Code Execution22-01-2018
CentOS Web Panel 0.9.8.12 - Multiple Vulnerabilities21-01-2018
PHPFreeChat 1.7 - Denial of Service21-01-2018
OTRS 5.0.x/6.0.x - Remote Command Execution21-01-2018
Shopware 5.2.5/5.3 - Cross-Site Scripting21-01-2018
Oracle JDeveloper 11.1.x/12.x - Directory Traversal21-01-2018