BugSearch is an information portal focused on applications security, web oriented and not. We offer our services to disclose our registered users on security alerts found on the net, in order to warn them as soon as possible on bugs, system flaws, exploits and threats afflicting applications and possible patches.

New Feature: Post New Exploit

Register now to start receiving our security alerts of your favourite applications or try our new Android App which will keep you updated everywhere you are!


Last Advisories
LoveCMS 1.6.2 Final Remote Code Execution Exploit06-08-2008
LoveCMS 1.6.2 Final Update Settings Remote Exploit06-08-2008
Quate CMS 0.3.4 (LFI-XSS) Multiple Remote Vulnerabilities06-08-2008
Request It 1.0 (index.php id) Remote File Inclusion Vulnerability06-08-2008
Free Hosting Manager 1.2-2.0 Insecure Cookie Handling Vulnerability06-08-2008
Discuz! 6.0.1 (searchid) Remote SQL Injection Exploit06-08-2008
Plogger <= 3.0 Remote SQL Injection Vulnerability05-08-2008
IGES CMS <= 2.0 (XSS-SQL) Multiple Remote Vulnerabilities05-08-2008
LiteNews <= 0.1 Insecure Cookie Handling Vulnerability05-08-2008
LiteNews <= 0.1 (id) Remote SQL Injection Vulnerability05-08-2008
HydraIrc <= 0.3.164 (last) Remote Denial of Service Exploit04-08-2008
Dayfox Blog 4 Multiple Local File Inclusion Vulnerabilities04-08-2008
IntelliTamper 2.07 (imgsrc) Remote Buffer Overflow Exploit03-08-2008
Xerox Phaser 8400 (reboot) Remote Denial of Service Exploit03-08-2008
TGS CMS 0.3.2r2 Remote Code Execution Exploit03-08-2008
Joomla Component EZ Store Remote Blind SQL Injection Exploit03-08-2008
syzygyCMS 0.3 (index.php page) Local File Inclusion Vulnerability03-08-2008
e-Vision CMS <= 2.02 (SQL-Upload-IG) Multiple Remote Vulnerabilities02-08-2008
K-Links Directory (SQL-XSS) Multiple Remote Vulnerabilities02-08-2008
E-Store Kit- <= 2 PayPal Edition (pid) SQL Injection Vulnerability02-08-2008
moziloCMS 1.10.1 (download.php) Arbitrary Download File Exploit02-08-2008
phpMyRealty (location) Remote SQL Injection Vulnerability01-08-2008
RealVNC Windows Client 4.1.2 Remote DOS Crash PoC01-08-2008
PHPAuction GPL Enhanced 2.51 (profile.php) SQL Injection Vulnerability01-08-2008
ABG Blocking Script 1.0a (abg_path) Remote File Inclusion Vulnerability01-08-2008
E-topbiz Dating 3 PHP Script (mail_id) Remote SQL Injection Vulnerability01-08-2008
Scripts24 iTGP 1.0.4 (id) Remote SQL Injection Vulnerability01-08-2008
Scripts24 iPost 1.0.1 (id) Remote SQL Injection Vulnerability01-08-2008
eStoreAff 0.1 (cid) Remote SQL Injection Vulnerability01-08-2008
IrfanView <= 3.99 IFF File Local Stack Buffer Overflow Exploit01-08-2008