BugSearch is an information portal focused on applications security, web oriented and not. We offer our services to disclose our registered users on security alerts found on the net, in order to warn them as soon as possible on bugs, system flaws, exploits and threats afflicting applications and possible patches.

New Feature: Post New Exploit

Register now to start receiving our security alerts of your favourite applications or try our new Android App which will keep you updated everywhere you are!


Last Advisories
Wordpress Plugin Wp-FileManager 1.2 Remote Upload Vulnerability06-01-2008
RunCMS Newbb_plus <= 0.92 Client IP Remote SQL Injection Exploit06-01-2008
Uebimiau Web-Mail 2.7.10-2.7.2 Remote File Disclosure Vulnerability06-01-2008
XOOPS mod_gallery Zend_Hash_key + Extract RFI Vulnerability06-01-2008
PortalApp 4.0 (SQL-XSS-Auth Bypasses) Multiple Remote Vulnerabilities06-01-2008
LoudBlog <= 0.6.1 (parsedpage) Remote Code Execution Vulnerability06-01-2008
Horde Web-Mail 3.x (go.php) Remote File Disclosure Vulnerability06-01-2008
CuteNews 1.1.1 (html.php) Remote Code Execution Vulnerability06-01-2008
NetRisk 1.9.7 (XSS-SQL) Multiple Remote Vulnerabilities06-01-2008
DCP-Portal <= 6.11 Remote SQL Injection Exploit06-01-2008
SineCMS <= 2.3.5 Local File Inclusion - RCE Vulnerabilities06-01-2008
Shop-Script 2.0 index.php Remote File Disclosure Vulnerability06-01-2008
Half-Life CSTRIKE Server 1.6 Denial of Service Exploit (no-steam)06-01-2008
samPHPweb (songinfo.php) Remote SQL Injection Vulnerability05-01-2008
ClipShare 2.6 Remote User Password Change Exploit05-01-2008
SNETWORKS PHP CLASSIFIEDS 5.0 Remote File Inclusion Vulnerability05-01-2008
CoolPlayer 2.17 .m3u Playlist Stack Overflow Exploit05-01-2008
Tribisur <= 2.0 Remote SQL Injection Exploit05-01-2008
Invision Power Board <= 2.1.7 ACTIVE XSS-SQL Injection Exploit05-01-2008
NetRisk 1.9.7 (change_submit.php) Remote Password Change Exploit05-01-2008
MODx CMS 0.9.6.1 Multiple Remote Vulnerabilities05-01-2008
NetRisk <= 1.9.7 Remote-Local File Inclusion Vulnerability04-01-2008
samPHPweb (db.php commonpath) Remote File Inclusion Vulnerability04-01-2008
WebPortal CMS 0.6-beta Remote Password Change Exploit04-01-2008
MyPHP Forum <= 3.0 (Final) Remote SQL Injection Vulnerability03-01-2008
Site@School <= 2.4.10 Remote Blind SQL Injection Exploit03-01-2008
DivX Player 6.6.0 ActiveX SetPassword() Denial of Service PoC02-01-2008
ClipShare (uprofile.php UID) Remote SQL Injection Vulnerability02-01-2008
AGENCY4NET WEBFTP 1 download2.php File Disclosure Vulnerability01-01-2008
IPTBB <= 0.5.4 (viewdir id) Remote Sql Injection Vulnerability31-12-2007