BugSearch is an information portal focused on applications security, web oriented and not. We offer our services to disclose our registered users on security alerts found on the net, in order to warn them as soon as possible on bugs, system flaws, exploits and threats afflicting applications and possible patches.

New Feature: Post New Exploit

Register now to start receiving our security alerts of your favourite applications or try our new Android App which will keep you updated everywhere you are!


Last Advisories
GreenCart PHP Shopping Cart (id) Remote SQL Injection Vulnerability01-08-2008
phsBlog 0.1.1 Multiple Remote SQL Injection Vulnerabilities01-08-2008
F-PROT antivirus 6.2.1.4252 (malformed archive) Infinite Loop DoS Exploit31-07-2008
NCTsoft AudFile.dll ActiveX Control Remote Buffer Overflow Exploit31-07-2008
PHPX 3.5.16 Cookie Poisoning and Login Bypass Vulnerability31-07-2008
Symphony <= 1.7.01 (non-patched) Remote Code Execution Exploit31-07-2008
Coppermine Photo Gallery <= 1.4.18 LFI - Remote Code Execution Exploit31-07-2008
LetterIt 2 (language) Local File Inclusion Vulnerability31-07-2008
HIOX Random Ad 1.3 (hioxRandomAd.php hm) RFI Vulnerability30-07-2008
HIOX Browser Statistics 2.0 Remote File Inclusion Vulnerability30-07-2008
PHP Hosting Directory 2.0 Insecure Cookie Handling Vulnerability30-07-2008
nzFotolog 0.4.1 (action_file) Local File Inclusion Vulnerability30-07-2008
ZeeReviews (comments.php ItemID) Remote SQL Injection Vulnerability30-07-2008
HIOX Random Ad 1.3 Arbitrary Add Admin User Exploit30-07-2008
Article Friendly Pro-Standard (Cat) Remote SQL Injection Vulnerability30-07-2008
HIOX Browser Statistics 2.0 Arbitrary Add Admin User Exploit30-07-2008
PozScripts Classified Ads Script (cid) SQL Injection Vulnerability30-07-2008
TubeGuru Video Sharing Script (UID) SQL Injection Vulnerability30-07-2008
eNdonesia 8.4 (Calendar Module) Remote SQL Injection Exploit30-07-2008
Pligg <= 9.9.0 Remote Code Execution Exploit30-07-2008
Pligg <= 9.9.0 (XSS-LFI-SQL) Multiple Remote Vulnerabilities30-07-2008
Cisco IOS 12.3(18) FTP Server Remote Exploit (attached to gdb)29-07-2008
Minishowcase 09b136 (lang) Local File Inclusion Vulnerability29-07-2008
CoolPlayer m3u File Local Buffer Overflow Exploit29-07-2008
e107 Plugin BLOG Engine 2.2 Blind SQL Injection Exploit29-07-2008
Gregarius <= 0.5.4 rsargs[] Remote SQL Injection Vulnerability29-07-2008
PHP Hosting Directory 2.0 (admin.php rd) RFI Vulnerability29-07-2008
Pligg CMS 9.9.0 (story.php id) Remote SQL Injection Vulnerability28-07-2008
Youtuber Clone (ugroups.php UID) Remote SQL Injection Vulnerability28-07-2008
TalkBack 2.3.5 (language) Local File Inclusion Vulnerability28-07-2008