BugSearch is an information portal focused on applications security, web oriented and not. We offer our services to disclose our registered users on security alerts found on the net, in order to warn them as soon as possible on bugs, system flaws, exploits and threats afflicting applications and possible patches.

New Feature: Post New Exploit

Register now to start receiving our security alerts of your favourite applications or try our new Android App which will keep you updated everywhere you are!


Last Advisories
CoolPlayer Portable 2.19.1 (m3u) Buffer Overflow Exploit #222-04-2009
Zervit HTTP Server <= 0.3 (sockets++ crash) Remote Denial of Service22-04-2009
CoolPlayer Portable 2.19.1 (m3u) Buffer Overflow exploit22-04-2009
I-Rater Pro-Plantinum v4 (Auth Bypass) SQL Injection Vulnerability21-04-2009
Dokeos LMS <= 1.8.5 (whoisonline.php) PHP Code Injection Exploit21-04-2009
Zervit Webserver 0.3 Remote Denial Of Service Exploit21-04-2009
CRE Loaded 6.2 (products_id) SQL Injection Vulnerability21-04-2009
PastelCMS 0.8.0 (LFI-SQL) Multiple Remote Vulnerabilities21-04-2009
TotalCalendar 2.4 (include) Local File Inclusion Vulnerability21-04-2009
NotFTP 1.3.1 (newlang) Local File Inclusion Vulnerability21-04-2009
Quick.Cms.Lite 0.5 (id) Remote SQL Injection Vulnerability21-04-2009
VS PANEL 7.3.6 (Cat_ID) Remote SQL Injection Vulnerability21-04-2009
Oracle RDBMS 10.2.0.3-11.1.0.6 TNS Listener PoC (CVE-2009-0991)21-04-2009
Studio Lounge Address Book 2.5 Authentication Bypass Vulnerability21-04-2009
MixedCMS 1.0b (LFI-SU-AB-FD) Multiple Remote Vulnerabilities21-04-2009
TotalCalendar 2.4 Remote Password Change Exploit20-04-2009
Creasito e-Commerce 1.3.16 (Auth Bypass) SQL Injection Vuln20-04-2009
eLitius 1.0 Arbitrary Database Backup Exploit20-04-2009
TotalCalendar 2.4 (inc_dir) Remote File Inclusion Vulnerability20-04-2009
e107 <= 0.7.15 (extended_user_fields) Blind SQL Injection Exploit20-04-2009
Addonics NAS Adapter (bts.cgi) Remote DoS Exploit (post-auth)20-04-2009
WysGui CMS 1.2b (Insecure Cookie Handling) Blind SQL Injection Exploit20-04-2009
WB News 2.1.2 Insecure Cookie Handling Vulnerability20-04-2009
FunGamez rc1 (AB-LFI) Multiple Remote Vulnerabilities20-04-2009
Pligg 9.9.0 (editlink.php id) Blind SQL Injection Exploit20-04-2009
CoolPlayer Portable 2.19.1 (.m3u File) Local Stack Overflow PoC20-04-2009
1by1 1.67 (.m3u File) Local Stack Overflow PoC20-04-2009
Groovy Media Player 1.1.0 (.m3u File) Local Stack Overflow PoC20-04-2009
webClassifieds 2005 (Auth Bypass) Insecure Cookie Handling Vuln20-04-2009
EZ Webitor (Auth Bypass) SQL Injection Vulnerability20-04-2009