BugSearch is an information portal focused on applications security, web oriented and not. We offer our services to disclose our registered users on security alerts found on the net, in order to warn them as soon as possible on bugs, system flaws, exploits and threats afflicting applications and possible patches.

New Feature: Post New Exploit

Register now to start receiving our security alerts of your favourite applications or try our new Android App which will keep you updated everywhere you are!


Last Advisories
Intermec PM43 Industrial Printer - Privilege Escalation 28-03-2017
VX Search Enterprise 9.5.12 - 'Verify Email' Buffer Overflow 28-03-2017
DzSoft PHP Editor 4.2.7 - File Enumeration 28-03-2017
Internet Information Services (IIS) 6.0 WebDAV - 'ScStoragePathFromUrl' Buffer Overflow 27-03-2017
Disk Sorter Enterprise 9.5.12 - Local Buffer Overflow 27-03-2017
CouponPHP CMS 3.1 - 'code' Parameter SQL Injection 27-03-2017
Professional Bus Booking Script - 'hid_Busid' Parameter SQL Injection 27-03-2017
Samba 4.5.2 - Symlink Race Permits Opening Files Outside Share Directory 27-03-2017
Apple Safari - Out-of-Bounds Read when Calling Bound Function 27-03-2017
Github Enterprise - Default Session Secret And Deserialization (Metasploit) 27-03-2017
Apple Safari - Builtin JavaScript Allows Function.caller to be Used in Strict Mode 27-03-2017
Apple Safari - 'DateTimeFormat.format' Type Confusion 27-03-2017
QNAP QTS < 4.2.4 - Domain Privilege Escalation 27-03-2017
Courier Tracking Software 6.0 - SQL Injection 26-03-2017
Parcel Delivery Booking Script 1.0 - SQL Injection 26-03-2017
Hotel Booking Script 1.0 - SQL Injection 26-03-2017
Tour Package Booking 1.0 - SQL Injection 26-03-2017
Alibaba Clone Script - SQL Injection 26-03-2017
Php Real Estate Property Script - SQL Injection 26-03-2017
Delux Same Day Delivery Script 1.0 - SQL Injection 26-03-2017
B2B Marketplace Script 2.0 - SQL Injection 26-03-2017
Forticlient 5.2.3 Windows 10 x64 (Pre Anniversary) - Privilege Escalation 25-03-2017
Forticlient 5.2.3 Windows 10 x64 (Post Anniversary) - Privilege Escalation 25-03-2017
Logsign 4.4.2 / 4.4.137 - Remote Command Injection (Metasploit) 24-03-2017
NETGEAR WNR2000v5 - (Un)authenticated hidden_lang_avi Stack Overflow (Metasploit) 24-03-2017
Miele Professional PG 8528 - Directory Traversal 24-03-2017
Gr8 Tutorial Script - SQL Injection 24-03-2017
Gr8 Gallery Script - SQL Injection 24-03-2017
Linux/x86 - Reverse /bin/bash Shellcode (110 bytes) 24-03-2017
wifirxpower - Local Buffer Overflow 23-03-2017