BugSearch is an information portal focused on application security, web-oriented and otherwise. We notify our registered users of security alerts found on the net, in order to warn them as soon as possible about bugs, system flaws, exploits and threats affecting applications, and about possible patches.



Latest Advisories
HTMPL 1.11 (htmpl_admin.cgi help) Command Execution Vulnerability - 10-12-2008
Linux Kernel <= 2.6.27.8 ATMSVC Local Denial of Service Exploit - 10-12-2008
MS Internet Explorer XML Parsing Remote Buffer Overflow Exploit - 10-12-2008
phpAddEdit 1.3 (editform) Local File Inclusion Vulnerability - 10-12-2008
CF_Calendar (calendarevent.cfm) Remote SQL Injection Exploit - 10-12-2008
Vinagre < 2.24.2 show_error() Remote Format String PoC - 09-12-2008
EasyMail ActiveX (emmailstore.dll 6.5.0.3) Buffer Overflow Exploit - 09-12-2008
PHP safe_mode bypass via proc_open() and custom environment - 09-12-2008
PHPmyGallery 1.5beta (common-tpl-vars.php) LFI-RFI Vulnerabilities - 09-12-2008
PHP Multiple Newsletters 2.7 (LFI-XSS) Multiple Vulnerabilities - 09-12-2008
Netref 4.0 Multiple Remote SQL Injection Vulnerabilities - 09-12-2008
ProQuiz 1.0 (Auth Bypass) SQL Injection Vulnerability - 09-12-2008
PostEcards (SQL-DD) Multiple Remote Vulnerabilities - 09-12-2008
PHP safe_mode can be bypassed via proc_open() and custom environment - 09-12-2008
Peel Shopping 3.1 (index.php rubid) SQL Injection Vulnerability - 09-12-2008
PHPmyGallery 1.0beta2 (RFI-LFI) Multiple Remote Vulnerabilities - 09-12-2008
Professional Download Assistant 0.1 (Auth Bypass) SQL Injection Vuln - 09-12-2008
Poll Pro 2.0 (Auth Bypass) Remote SQL Injection Vulnerability - 09-12-2008
WebCAF <= 1.4 (LFI-RCE) Multiple Remote Vulnerabilities - 08-12-2008
Neostrada Livebox Router Remote Network Down PoC Exploit - 08-12-2008
DD-WRT v24-sp1 (XSRF) Cross Site Reference Forgery Exploit - 08-12-2008
phpBB 3 (Mod Tag Board <= 4) Remote Blind SQL Injection Exploit - 08-12-2008
Simple Directory Listing 2 Cross Site File Upload Vulnerability - 08-12-2008
XAMPP 1.6.8 (XSRF) Change Administrative Password Exploit - 08-12-2008
Secure Downloads v2.0.0r for vBulletin SQL Injection Vulnerability - 08-12-2008
SIU Guarani Multiple Remote Vulnerabilities - 08-12-2008
phpMyAdmin 3.1.0 (XSRF) SQL Injection Vulnerability - 08-12-2008
XOOPS 2.3.1 Multiple Local File Inclusion Vulnerabilities - 08-12-2008
MG2 0.5.1 (filename) Remote Code Execution Vulnerability - 08-12-2008
Mini Blog 1.0.1 (index.php) Multiple Local File Inclusion Vulnerabilities - 07-12-2008