BugSearch is an information portal focused on applications security, web oriented and not. We offer our services to disclose our registered users on security alerts found on the net, in order to warn them as soon as possible on bugs, system flaws, exploits and threats afflicting applications and possible patches.

New Feature: Post New Exploit

Register now to start receiving our security alerts of your favourite applications or try our new Android App which will keep you updated everywhere you are!


Last Advisories
SpotLight CRM 1.0 (login.asp) Remote SQL Injection Vulnerability09-12-2006
Request For Travel 1.0 (product) Remote SQL Injection Vulnerability09-12-2006
HR Assist <= 1.05 (vdateUsr.asp) Remote Login ByPass Vulnerability09-12-2006
Tucows Client Code Suite (CSS) <= 1.2.1015 File Include Vulnerability08-12-2006
CM68 News <= 12.02.06 (addpth) Remote File Inclusion Vulnerability08-12-2006
ThinkEdit 1.9.2 (render.php) Remote File Inclusion Vulnerability08-12-2006
paFileDB 3.5.2-3.5.3 Remote Login Bypass SQL Injection Vulnerability08-12-2006
J-OWAMP Web Interface <= 2.1b (link) Remote File Include Exploit07-12-2006
Phorum <= 3.2.11 (common.php) Remote File Include Vulnerability06-12-2006
cutenews aj-fork <= 167f (cutepath) Remote File Include Vulnerability04-12-2006
F-Prot Antivirus 4.6.6 (ACE) Denial of Service Exploit04-12-2006
F-Prot Antivirus 4.6.6 (CHM) Heap Overflow Exploit PoC04-12-2006
PHP Upload Center 2.0 (activate.php) File Include Vulnerabilities03-12-2006
AT-TFTP <= 1.9 (Long Filename) Remote Buffer Overflow Exploit03-12-2006
Envolution <= 1.1.0 (PNSVlang) Remote Code Execution Exploit03-12-2006
QuickCart 2.0 (categories.php) Local File Inclusion Exploit03-12-2006
php-revista <= 1.1.2 (adodb) Multiple Remote File Include Vulnerabilities03-12-2006
AT-TFTP <= 1.9 (Long Filename) Remote Buffer Overflow Exploit03-12-2006
BBS E-Market Professional (Path Disclosure-Include) Multiple Vulns02-12-2006
Simple File Manager 0.24a Multiple Remote Vulnerabilities02-12-2006
awrate.com Message Board 1.0 (search.php) Remote Include Vulnerability02-12-2006
mxBB Module mx_tinies <= 1.3.0 Remote File Include Vulnerability02-12-2006
WikyBlog 1.3.2 (include-WBmap.php) Local File Inclusion Exploit01-12-2006
deV!Lz Clanportal [DZCP] <= 1.3.6 Arbitrary File Upload Vulnerability01-12-2006
Invision Community Blog Mod 1.2.4 SQL Injection Vulnerability01-12-2006
ContentServ 4.x (admin-FileServer.php) File Disclosure Vulnerability01-12-2006
MS Windows spoolss GetPrinterData() Remote DoS Exploit (0day)01-12-2006
BlazeVideo HDTV Player <= 2.1 Malformed PLF Buffer Overflow PoC01-12-2006
Ultimate HelpDesk (XSS-Local File Disclosure) Vulnerabilities01-12-2006
3Com TFTP Service <= 2.0.1 (Long Transporting Mode) Overflow Exploit30-11-2006