BugSearch is an information portal focused on applications security, web oriented and not. We offer our services to disclose our registered users on security alerts found on the net, in order to warn them as soon as possible on bugs, system flaws, exploits and threats afflicting applications and possible patches.

New Feature: Post New Exploit

Register now to start receiving our security alerts of your favourite applications or try our new Android App which will keep you updated everywhere you are!


Last Advisories
Oracle 10g MDSYS.SDO_TOPO_DROP_FTBL SQL Injection Exploit (meta)18-02-2009
Firepack (admin-ref.php) Remote Code Execution Exploit18-02-2009
smNews 1.0 Auth Bypass-Column Truncation Vulnerabilities18-02-2009
MS Internet Explorer 7 Memory Corruption PoC (MS09-002)18-02-2009
S-Cms 1.1 Stable Insecure Cookie Handling - Mass Page Delete Vulns17-02-2009
pHNews Alpha 1 (header.php mod) SQL Injection Vulnerability17-02-2009
pHNews Alpha 1 (genbackup.php) Database Disclosure Vulnerability17-02-2009
SAS Hotel Management System Remote Shell Upload Vulnerability17-02-2009
Enomaly ECP - Enomalism < 2.2.1 Multiple Local Vulnerabilities16-02-2009
SAS Hotel Management System (myhotel_info.asp) SQL Injection Vuln16-02-2009
YACS CMS 8.11 update_trailer.php Remote File Inclusion Vulnerability16-02-2009
NovaBoard 1.0.0 Multiple Remote Vulnerabilities16-02-2009
MemHT Portal <= 4.0.1 (pvtmsg) Delete All Private Messages Exploit16-02-2009
SAS Hotel Management System (myhotel_info.asp) SQL Injection Vulnerability16-02-2009
FreeBSD 7.0-RELEASE Telnet Daemon Local Privilege Escalation Exploit16-02-2009
ClipBucket 1.7 (dwnld.php file) Remote File Disclosure Vulnerability16-02-2009
InselPhoto 1.1 Persistent XSS Vulnerability16-02-2009
TPTEST <= 3.1.7 Stack Buffer Overflow PoC16-02-2009
GeoVision LiveX_v8200 ActiveX (LIVEX_~1.OCX) File Corruption PoC16-02-2009
Falt4 CMS RC4 (fckeditor) Arbitrary File Upload Exploit16-02-2009
simplePMS CMS 0.1.3a LFI - Remote Command Execution Exploit16-02-2009
PowerMovieList 0.14b (SQL-XSS) Multiple Remote Vulnerabilities16-02-2009
Grestul 1.x Auth Bypass by Cookie SQL Injection Vulnerability16-02-2009
RavenNuke 2.3.0 Multiple Remote Vulnerabilities16-02-2009
ea-gBook 0.1 Remote Command Execution with RFI (c99) Exploit13-02-2009
Nokia N95-8 browser (setAttributeNode) Method Crash Exploit13-02-2009
Vlinks 1.1.6 (id) Remote SQL Injection Vulnerability13-02-2009
IdeaCart 0.02 (LFI-SQL) Multiple Remote Vulnerabilities13-02-2009
BlogWrite 0.91 Remote FD - SQL Injection Exploit13-02-2009
CmsFaethon 2.2.0 (info.php item) SQL Command Injection Exploit13-02-2009