BugSearch is an information portal focused on applications security, web oriented and not. We offer our services to disclose our registered users on security alerts found on the net, in order to warn them as soon as possible on bugs, system flaws, exploits and threats afflicting applications and possible patches.

New Feature: Post New Exploit

Register now to start receiving our security alerts of your favourite applications or try our new Android App which will keep you updated everywhere you are!


Last Advisories
Windows PowerShell ISE - Remote Code Execution03-05-2019
Crestron AM/Barco wePresent WiPG/Extron ShareLink/Teq AV IT/SHARP PN-L703WA/Optoma WPS-Pro/Blackbox HD WPS/InFocus LiteShow - Remote Command Injection03-05-2019
Linux/x86 - Reverse Shell Shellcode (91 Bytes) + Python Wrapper03-05-2019
Instagram Auto Follow - Authentication Bypass03-05-2019
SolarWinds DameWare Mini Remote Control 10.0 - Denial of Service03-05-2019
Ruby On Rails - DoubleTap Development Mode secret_key_base Remote Code Execution (Metasploit)02-05-2019
CentOS Web Panel 0.9.8.793 (Free) / v0.9.8.753 (Pro) / 0.9.8.807 (Pro) - Domain Field (Add DNS Zone) Cross-Site Scripting01-05-2019
Netgear DGN2200 / DGND3700 - Admin Password Disclosure30-04-2019
Joomla! Component JiFile 2.3.1 - Arbitrary File Download30-04-2019
Veeam ONE Reporter 9.5.0.3201 - Multiple Cross-Site Request Forgery30-04-2019
Veeam ONE Reporter 9.5.0.3201 - Persistent Cross-Site Scripting30-04-2019
Moodle 3.6.3 - 'Install Plugin' Remote Command Execution (Metasploit)30-04-2019
Freefloat FTP Server 1.0 - 'SIZE' Remote Buffer Overflow30-04-2019
Hyvikk Fleet Manager - Shell Upload30-04-2019
Veeam ONE Reporter 9.5.0.3201 - Persistent Cross-site Scripting (Add/Edit Widget)30-04-2019
Intelbras IWR 3000N 1.5.0 - Cross-Site Request Forgery30-04-2019
Agent Tesla Botnet - Information Disclosure30-04-2019
Domoticz 4.10577 - Unauthenticated Remote Command Execution30-04-2019
Freefloat FTP Server 1.0 - 'STOR' Remote Buffer Overflow30-04-2019
Spring Cloud Config 2.1.x - Path Traversal (Metasploit)30-04-2019
HumHub 1.3.12 - Cross-Site Scripting30-04-2019
Joomla! Component ARI Quiz 3.7.4 - SQL Injection30-04-2019
Intelbras IWR 3000N - Denial of Service (Remote Reboot)30-04-2019
SpotAuditor 5.2.6 - 'Name' Denial of Service (PoC)30-04-2019
DeviceViewer 3.12.0.1 - 'user' SEH Overflow30-04-2019
Oracle Weblogic 10.3.6.0.0 / 12.1.3.0.0 - Remote Code Execution30-04-2019
Linux - Missing Locking Between ELF coredump code and userfaultfd VMA Modification30-04-2019
Pimcore < 5.71 - Unserialize RCE (Metasploit)30-04-2019
AIS logistics ESEL-Server - Unauth SQL Injection RCE (Metasploit)30-04-2019
NSauditor 3.1.2.0 - 'Community' Denial of Service (PoC)26-04-2019