BugSearch is an information portal focused on applications security, web oriented and not. We offer our services to disclose our registered users on security alerts found on the net, in order to warn them as soon as possible on bugs, system flaws, exploits and threats afflicting applications and possible patches.

New Feature: Post New Exploit

Register now to start receiving our security alerts of your favourite applications or try our new Android App which will keep you updated everywhere you are!


Last Advisories
madwifi <= 0.9.2.1 WPA-RSN IE Remote Kernel Buffer Overflow Exploit01-03-2007
Angel LMS 7.1 (default.asp id) Remote SQL Injection Vulnerability01-03-2007
Snort 2.6.1 DCE-RPC Preprocessor Remote Buffer Overflow Exploit01-03-2007
DivX Web Player 1.3.0 (npdivx32.dll) Remote Denial of Service Exploit01-03-2007
phpMyFAQ <= 1.6.7 Remote SQL Injection - Command Execution Exploit01-03-2007
PHP 4 Userland ZVAL Reference Counter Overflow Exploit PoC01-03-2007
WebMod 0.48 (Content-Length) Remote Buffer Overflow Exploit PoC01-03-2007
Plan 9 Kernel (devenv.c OTRUNC-pwrite) Local Exploit28-02-2007
Ubuntu-Debian Apache 1.3.33-1.3.34 (CGI TTY) Local Root Exploit28-02-2007
XM Easy Personal FTP Server 5.30 (ABOR) Format String DoS Exploit28-02-2007
McAfee VirusScan for Mac (Virex) <= 7.7 Local Root Exploit28-02-2007
vBulletin <= 3.6.4 (inlinemod.php postids) Remote SQL Injection Exploit28-02-2007
3Com TFTP Service <= 2.0.1 (Long Transporting Mode) Exploit (perl)28-02-2007
3Com TFTP Service <= 2.0.1 (Long Transporting Mode) Exploit (perl)28-02-2007
Kiwi CatTools TFTP <= 3.2.8 Remote Path Traversal Vulnerability27-02-2007
NetProxy <= 4.03 Web Filter Evasion - Bypass Logging Exploit27-02-2007
Admin Phorum 3.3.1a (del.php include_path) RFI Vulnerability27-02-2007
Oracle 10g KUPW$WORKER.MAIN SQL Injection Exploit v226-02-2007
Oracle 10g KUPV$FT.ATTACH_JOB SQL Injection Exploit v226-02-2007
Oracle 9i-10g DBMS_METADATA.GET_DDL SQL Injection Exploit v226-02-2007
Oracle 9i-10g ACTIVATE_SUBSCRIPTION SQL Injection Exploit v226-02-2007
STWC-Counter <= 3.4.0 (downloadcounter.php) RFI Exploit26-02-2007
PHP-MIP 0.1 (top.php laypath) Remote File Include Vulnerability25-02-2007
News Rover 12.1 Rev 1 Remote Stack Overflow Exploit (perl)24-02-2007
Extreme phpBB 3.0.1 (functions.php) Remote File Include Exploit24-02-2007
Coppermine Photo Gallery 1.3.x Remote Blind SQL Injection Exploit24-02-2007
CS-Gallery 2.0 (index.php album) Remote File Include Exploit24-02-2007
phpBB Module NoMoKeTos Rules 0.0.1 Remote File Include Exploit24-02-2007
Snort 2.6.1 DCE-RPC Preprocessor Remote Buffer Overflow DoS Exploit23-02-2007
Oracle 9i-10g DBMS_METADATA.GET_DDL SQL Injection Exploit23-02-2007