BugSearch is an information portal focused on applications security, web oriented and not. We offer our services to disclose our registered users on security alerts found on the net, in order to warn them as soon as possible on bugs, system flaws, exploits and threats afflicting applications and possible patches.

New Feature: Post New Exploit

Register now to start receiving our security alerts of your favourite applications or try our new Android App which will keep you updated everywhere you are!


Last Advisories
PHP-Nuke Platinum 7.6.b.5 Remote File Inclusion Vulnerability23-10-2007
Oracle 10g CTX_DOC.MARKUP SQL Injection Exploit23-10-2007
PHP Image 1.2 Multiple Remote File Inclusion Vulnerabilities23-10-2007
PHP 5.x COM functions safe_mode and disable_function bypass22-10-2007
SocketMail 2.2.8 fnc-readmail3.php Remote File Inclusion Vulnerability22-10-2007
TOWeLS 0.1 scripture.php Remote File Inclusion Vulnerability22-10-2007
LiteSpeed Web Server <= 3.2.3 Remote Source Code Disclosure Vuln22-10-2007
Simple PHP Blog (sphpblog) <= 0.5.1 Multiple Vulnerabilities22-10-2007
InstaGuide Weather Script (index.php) Local File Inclusion Vulnerability22-10-2007
Mozilla Firefox <= 2.0.0.7 Remote Denial of Service Exploit22-10-2007
PHP Project Management <= 0.8.10 Multiple RFI - LFI Vulnerabilities21-10-2007
BBPortalS <= 2.0 Remote Blind SQL Injection Exploit21-10-2007
PeopleAggregator <= 1.2pre6-release-53 Multiple RFI Vulnerabilities21-10-2007
Apache Tomcat (webdav) Remote File Disclosure Exploit (ssl support)21-10-2007
Simple Machines Forum 1.1.3 Remote Blind SQL Injection Exploit20-10-2007
Vanilla <= 1.1.3 Remote Blind SQL Injection Exploit20-10-2007
ZZ FlashChat <= (help.php) 3.1 Local File Inclusion Vulnerability19-10-2007
awzMB <= 4.2 beta 1 Multiple Remote File Inclusion Vulnerabilities18-10-2007
PHPDJ 0.5 (djpage.php page) Remote File Inclusion Vulnerability17-10-2007
LimeSurvey <= 1.52 (language.php) Remote File Inclusion Vulnerability17-10-2007
Artmedic CMS <= 3.4 (index.php page) Local File Inclusion Vulnerability16-10-2007
Okul Otomasyon Portal 2.0 Remote SQL Injection Vulnerability16-10-2007
GCALDaemon <= 1.0-beta13 Remote Denial of Service Exploit16-10-2007
Boa 0.93.15 HTTP Basic Authentication Bypass Exploit16-10-2007
eXtremail <= 2.1.1 memmove() Remote Denial of Service Exploit15-10-2007
eXtremail <= 2.1.1 (LOGIN) Remote Stack Overflow Exploit15-10-2007
eXtremail <= 2.1.1 PLAIN authentication Remote Stack Overflow Exploit15-10-2007
eXtremail <= 2.1.1 Remote Heap Overflow PoC15-10-2007
doop CMS <= 1.3.7 (page) Local File Inclusion Vulnerability15-10-2007
eXtremail <= 2.1.1 (LOGIN) Remote Stack Overflow Exploit15-10-2007