BugSearch is an information portal focused on applications security, web oriented and not. We offer our services to disclose our registered users on security alerts found on the net, in order to warn them as soon as possible on bugs, system flaws, exploits and threats afflicting applications and possible patches.

New Feature: Post New Exploit

Register now to start receiving our security alerts of your favourite applications or try our new Android App which will keep you updated everywhere you are!


Last Advisories
Buddy Zone <= 1.5 Multiple SQL Injection Vulnerabilities30-06-2007
Ripe Website Manager (CMS) <= 0.8.9 Remote File Inclusion Vulns30-06-2007
TotalCalendar <= 2.402 (view_event.php) Remote SQL Injection Vulns30-06-2007
XCMS 1.1 (Galerie.php) Local File Inclusion Vulnerabilities30-06-2007
sPHPell 1.01 Multiple Remote File Inclusion Vulnerabilities30-06-2007
W3Filer 2.1.3 Remote Stack Overflow PoC29-06-2007
Buddy Zone 1.5 (view_sub_cat.php cat_id) SQL Injection Vulnerability29-06-2007
b1gbb 2.24.0 (SQL Injection - XSS) Remote Vulnerabilities28-06-2007
AMX Corp. VNC ActiveX Control (AmxVnc.dll 1.0.13.0) BoF Exploit28-06-2007
GL-SH Deaf Forum <= 6.4.4 Local File Inclusion Vulnerabilities28-06-2007
WebChat 0.78 (login.php rid) Remote SQL Injection Vulnerability28-06-2007
QuickTalk forum 1.3 (lang) Local File Inclusion Vulnerabilities27-06-2007
QuickTicket 1.2 (qti_checkname.php) Local File Inclusion Vulnerability27-06-2007
RealNetworks RealPlayer-HelixPlayer SMIL wallclock Stack Overflow PoC27-06-2007
HP Digital Imaging (hpqxml.dll 2.0.0.133) Arbitary Data Write Exploit27-06-2007
Sony Network Camera SNC-P5 v1.0 ActiveX viewer Heap Overflow PoC27-06-2007
Microsoft Excel 2000-2003 Sheet Name Vulnerability PoC27-06-2007
NCTAudioStudio2 ActiveX DLL 2.6.1.148 CreateFile() Insecure Method26-06-2007
Avaxswf.dll v.1.0.0.1 from Avax Vector ActiveX Arbitrary Data Write26-06-2007
phpSiteBackup 0.1 (pcltar.lib.php) Remote File Inclusion Vulnerability26-06-2007
EVA-Web 1.1<= 2.2 (index.php3) Remote File Inclusion Vulnerabilities26-06-2007
WordPress 2.2 (wp-app.php) Arbitrary File Upload Exploit26-06-2007
elkagroup Image Gallery 1.0 Remote SQL Injection Vulnerability26-06-2007
NCTAudioEditor2 ActiveX DLL (NCTWMAFile2.dll v. 2.6.2.157) Exploit25-06-2007
b1gbb 2.24.0 (footer.inc.php tfooter) Remote File Inclusion Vulnerability25-06-2007
BugMall Shopping Cart 2.5 (SQL-XSS) Multiple Remote Vulnerabilities25-06-2007
6ALBlog (newsid) Remote SQL Injection Vulnerability25-06-2007
SiteDepth CMS 3.44 (ShowImage.php name) File Disclosure Vulnerability25-06-2007
DreamLog 0.5 (upload.php) Arbitrary File Upload Exploit25-06-2007
Pagetool 1.07 (news_id) Remote SQL Injection Vulnerability25-06-2007