BugSearch is an information portal focused on application security, web-oriented and otherwise. We notify our registered users of security alerts found on the net, warning them as soon as possible about bugs, system flaws, exploits and threats affecting applications, and about possible patches.


Last Advisories
WFTPD Explorer Pro 1.0 Remote Heap Overflow Exploit - 29-01-2009
dBpowerAMP Audio Player v2 (.pls File) Local BOF Exploit - 29-01-2009
Internet Explorer 7 ClickJacking Vulnerability (2009-01-23) - 29-01-2009
Star Articles 6.0 (admin.manage) Remote Contents Change Vulnerability - 29-01-2009
Coppermine Photo Gallery 1.4.19 Remote PHP File Upload Vulnerability - 29-01-2009
WOW - Web On Windows ActiveX Control 2 Remote Code Execution - 29-01-2009
GLPI v 0.71.3 Multiple Remote SQL Injection Vulnerabilities - 29-01-2009
Thomson mp3PRO Player-Encoder (M3U File) Crash PoC - 29-01-2009
Personal Site Manager <= 0.3 Remote Command Execution Exploit - 29-01-2009
Amaya Web Editor <= 11.0 Remote Buffer Overflow PoC - 29-01-2009
Star Articles 6.0 (add-edit-delete) Vulnerabilities - 29-01-2009
PLE CMS 1.0 beta 4.2 (login.php school) Blind SQL Injection Exploit - 29-01-2009
ManageEngine Firewall Analyzer 5 XSRF-XSS Vulnerability - 29-01-2009
Profense Web Application Firewall 2.6.2 XSRF-XSS Vulnerabilities - 29-01-2009
D-Link VoIP Phone Adapter XSS-XSRF Remote Firmware Overwrite - 29-01-2009
Zoom VoIP Phone Adapter ATA1+1 1.2.5 XSRF Exploit - 29-01-2009
Pligg 9.9.5 XSRF Protection Bypass and Captcha Bypass - 29-01-2009
Total Video Player 1.3.7 (.m3u) Local Buffer Overflow Exploit - 29-01-2009
Max.Blog <= 1.0.6 (submit_post.php) SQL Injection Vulnerability - 28-01-2009
SmartSiteCMS 1.0 (articles.php var) Blind SQL Injection Exploit - 28-01-2009
Max.Blog <= 1.0.6 (offline_auth.php) Offline Authentication Bypass - 28-01-2009
Social Engine (category_id) SQL Injection Vulnerability - 28-01-2009
Zinf Audio Player 2.2.1 (PLS File) Local Buffer Overflow Exploit (univ) - 28-01-2009
MemHT Portal (mime issue) Remote PHP Shell Upload Vulnerability - 28-01-2009
Community CMS <= 0.4 (-index.php id) Blind SQL Injection Exploit - 28-01-2009
GameScript 4.6 (XSS-SQL-LFI) Multiple Remote Vulnerabilities - 28-01-2009
Chipmunk Blog (Auth Bypass) Add Admin Exploit - 28-01-2009
Gazelle CMS (template) Local File Inclusion Vulnerability - 28-01-2009
Lore 1.5.6 (article.php) Blind SQL Injection Exploit - 28-01-2009
phplist 2.10.x (RCE by environ inclusion) Local File Inclusion Exploit - 28-01-2009