BugSearch is an information portal focused on applications security, web oriented and not. We offer our services to disclose our registered users on security alerts found on the net, in order to warn them as soon as possible on bugs, system flaws, exploits and threats afflicting applications and possible patches.

New Feature: Post New Exploit

Register now to start receiving our security alerts of your favourite applications or try our new Android App which will keep you updated everywhere you are!


Last Advisories
MyBlog <= 0.9.8 Insecure Cookie Handling Vulnerability 22-09-2008
WCMS v.1.0b (news_detail.asp id) Remote SQL Injection Vulnerability22-09-2008
BuzzyWall <= 1.3.1 (search.php search) SQL Injection Vulnerability22-09-2008
WSN Links Free 4.0.34P (comments.php) Blind SQL Injection Exploit22-09-2008
WSN Links 2.22-2.23 (vote.php) Remote SQL Injection Vulnerability22-09-2008
WCMS v.1.0b Arbitrary Add Admin Exploit22-09-2008
WSN Links 2.20 (comments.php) SQL Injection Vulnerability22-09-2008
PHP iCalendar <= 2.24 Insecure Cookie Handling Vulnerability 22-09-2008
CJ Ultra Plus <= 1.0.4 Cookie Remote SQL Injection Exploit22-09-2008
Fez 1.3-2.0 RC1 (list.php) Remote SQL Injection Vulnerability22-09-2008
Sagem Routers F@ST Remote CSRF Exploit (dhcp hostname attack)22-09-2008
Debian Sarge Multiple IMAP Server Denial of Service Exploit22-09-2008
basebuilder <= 2.0.1 (main.inc.php) Remote File Inclusion Vulnerability22-09-2008
PHPKB 1.5 Professional Multiple Remote SQL Injection Vulnerabilities21-09-2008
TWiki <= 4.2.2 (action) Remote Code Execution Vulnerability21-09-2008
Invision Power Board <= 2.3.5 Remote SQL Injection Exploit21-09-2008
Unreal Tournament 3 v1.3 Remote Directory Traversal Vulnerability21-09-2008
Basic PHP Events Lister 1.0 Remote SQL Injection Vulnerability21-09-2008
6rbScript 3.3 (section.php name) Local File Inclusion Vulnerability21-09-2008
PHP iCalendar <= 2.24 (cookie_language) LFI - File Upload Exploit21-09-2008
Availscript Article Script (view.php v) SQL Injection Vulnerability21-09-2008
Rianxosencabos CMS 0.9 Insecure Cookie Handling Vulnerability 21-09-2008
e107 Plugin my_gallery (image) Remote SQL Injection Vulnerability21-09-2008
NetArtMedia Real Estate Portal 2.0 SQL Injection Vulnerability21-09-2008
NetArtMedia Jobs Portal 1.3 Multiple SQL Injection Vulnerabilities21-09-2008
Diesel Job Site (job_id) Blind SQL Injection Vulnerability21-09-2008
6rbScript 3.3 (singerid) Remote SQL Injection Vulnerability21-09-2008
Availscript Jobs Portal Script File Upload Vulnerability (auth)21-09-2008
Rianxosencabos CMS 0.9 Arbitrary Add-Admin Vulnerability21-09-2008
DESlock+ 3.2.7 (vdlptokn.sys) Local Denial of Service Exploit21-09-2008