BugSearch is an information portal focused on applications security, web oriented and not. We offer our services to disclose our registered users on security alerts found on the net, in order to warn them as soon as possible on bugs, system flaws, exploits and threats afflicting applications and possible patches.

New Feature: Post New Exploit

Register now to start receiving our security alerts of your favourite applications or try our new Android App which will keep you updated everywhere you are!


Last Advisories
vbLOGIX Tutorial Script <= 1.0 (cat_id) SQL Injection Vulnerability12-09-2008
SkaLinks 1.5 (register.php) Remote Arbitrary Add Editor Vulnerability12-09-2008
Sports Clubs Web Panel 0.0.1 Remote File Upload Vulnerability12-09-2008
pForum 1.30 (showprofil.php id) Remote SQL Injection Vulnerability12-09-2008
PhpWebGallery 1.3.4 Remote Blind SQL Injection Exploit12-09-2008
WebPortal CMS <= 0.7.4 (fckeditor) Arbitrary File Upload Vulnerability12-09-2008
pNews 2.03 (newsid) Remote SQL Injection Vulnerability12-09-2008
Maxthon Browser 2.1.4.443 UNICODE Remote Denial of Service PoC11-09-2008
Autodealers CMS AutOnline (id) SQL Injection Vulnerability11-09-2008
Autodealers CMS AutOnline (pageid) SQL Injection Vulnerability11-09-2008
PhpWebGallery 1.3.4 (XSS-LFI) Multiple Vulnerabilities11-09-2008
Ezphotogallery 2.1 XSS-FD-Bypass-SQL Injection Exploit11-09-2008
Sports Clubs Web Panel 0.0.1 (p) Local File Inclusion Vulnerability11-09-2008
D-iscussion Board 3.01 (topic) Local File Inclusion Vulnerability11-09-2008
Grafitti Forums 1.0 Remote SQL Injection-HTML Injection Vulnerabilities11-09-2008
phsBlog 0.2 Bypass SQL Injection Filtering Exploit11-09-2008
minb 0.1.0 Remote Code Execution Exploit11-09-2008
Adobe Acrobat 9 ActiveX Remote Denial of Service Exploit11-09-2008
Sports Clubs Web Panel 0.0.1 (id) SQL Injection Vulnerabilities11-09-2008
Easy Photo Gallery 2.1 Arbitrary Add Admin - remove user Vulnerability11-09-2008
PhpWebGallery 1.3.4 (cat) Blind SQL Injection Vulnerability11-09-2008
Yourownbux 4.0 (COOKIE) Authentication Bypass Exploit11-09-2008
Zanfi CMS lite - Jaw Portal free (page) SQL Injection Vulnerability10-09-2008
phpVID 1.1 (XSS-SQL) Multiple Remote Vulnerabilities10-09-2008
Wordpress 2.6.1 (SQL Column Truncation) Admin Takeover Exploit10-09-2008
aspWebAlbum 3.2 Multiple Remote Vulnerabilities10-09-2008
Zanfi CMS lite - Jaw Portal free (fckeditor) Arbitrary File Upload Vuln10-09-2008
Peachtree Accounting 2004 (PAWWeb11.ocx) ActiveX Insecure Method10-09-2008
Zanfi CMS lite 1.2 Multiple Local File Inclusion Vulnerabilities10-09-2008
Libera CMS <= 1.12 (Cookie) Remote SQL Injection Exploit10-09-2008