BugSearch is an information portal covering web security and security in general. It offers a set of services for quickly delivering security advisories found on the net to its registered users, so that they are notified promptly of the bugs, system flaws, exploits and threats affecting their applications and can fix them in the shortest possible time.

Last Advisories
Event Locations 1.0.1 - 'id' SQL Injection (10-01-2019)
Event Calendar 3.7.4 - 'id' SQL Injection (10-01-2019)
Shield CMS 2.2 - 'email' SQL Injection (10-01-2019)
MLMPro 1.0 - SQL Injection (10-01-2019)
Architectural 1.0 - 'email' SQL Injection (10-01-2019)
doitX 1.0 - 'search' SQL Injection (10-01-2019)
RGui 3.5.0 - Local Buffer Overflow (SEH)(DEP Bypass) (10-01-2019)
PEAR Archive_Tar < 1.4.4 - PHP Object Injection (10-01-2019)
eBrigade ERP 4.5 - Arbitrary File Download (10-01-2019)
Matrix MLM Script 1.0 - Information Disclosure (10-01-2019)
BlogEngine 3.3 - XML External Entity Injection (09-01-2019)
Microsoft Windows - DSSVC CheckFilePermission Arbitrary File Deletion (09-01-2019)
polkit - Temporary auth Hijacking via PID Reuse and Non-atomic Fork (09-01-2019)
Heatmiser Wifi Thermostat 1.7 - Cross-Site Request Forgery (Update Admin) (09-01-2019)
Google Chrome V8 JavaScript Engine 71.0.3578.98 - Out-of-Memory. Denial of Service (PoC) (09-01-2019)
Microsoft Office SharePoint Server 2016 - Denial of Service (Metasploit) (09-01-2019)
ZTE MF65 BD_HDV6MF65V1.0.0B05 - Cross-Site Scripting (09-01-2019)
Linux/x86 - wget chmod execute over execve /bin/sh -c Shellcode (119 bytes) (09-01-2019)
Wireshark - 'get_t61_string' Heap Out-of-Bounds Read (08-01-2019)
CF Image Hosting Script 1.6.5 - (Delete all Pictures) Privilege Escalation (08-01-2019)
Dolibarr ERP-CRM 8.0.4 - 'rowid' SQL Injection (08-01-2019)
Foscam Video Management System 1.1.4.9 - 'Username' Denial of Service (PoC) (07-01-2019)
Huawei E5330 21.210.09.00.158 - Cross-Site Request Forgery (Send SMS) (07-01-2019)
SpotFTP Password Recover 2.4.2 - 'Name' Denial of Service (PoC) (07-01-2019)
BlueAuditor 1.7.2.0 - 'Key' Denial of Service (PoC) (07-01-2019)
KioWare Server Version 4.9.6 - Weak Folder Permissions Privilege Escalation (07-01-2019)
Leica Geosystems GR10/GR25/GR30/GR50 GNSS 4.30.063 - Cross-Site Request Forgery (07-01-2019)
Leica Geosystems GR10/GR25/GR30/GR50 GNSS 4.30.063 - JS/HTML Code Injection (07-01-2019)
Ajera Timesheets 9.10.16 - Deserialization of Untrusted Data (07-01-2019)
Roxy Fileman 1.4.5 - Unrestricted File Upload / Directory Traversal (07-01-2019)