BugSearch is an information portal focused on applications security, web oriented and not. We offer our services to disclose our registered users on security alerts found on the net, in order to warn them as soon as possible on bugs, system flaws, exploits and threats afflicting applications and possible patches.

New Feature: Post New Exploit

Register now to start receiving our security alerts of your favourite applications or try our new Android App which will keep you updated everywhere you are!


Last Advisories
PHPads 2.0 - 'click.php3?bannerID' SQL Injection06-05-2019
Xitami Web Server 2.5 - Remote Buffer Overflow (SEH + Egghunter)06-05-2019
LG Supersign EZ CMS - Remote Code Execution (Metasploit)06-05-2019
Linux/x86 - shred file Shellcode (72 bytes)06-05-2019
SolarWinds DameWare Mini Remote Control 10.0 - Denial of Service03-05-2019
Instagram Auto Follow - Authentication Bypass03-05-2019
Linux/x86 - Openssl Encrypt Files With aes256cbc Shellcode (185 bytes)03-05-2019
Linux/x86 - Reverse Shell Shellcode (91 Bytes) + Python Wrapper03-05-2019
Crestron AM/Barco wePresent WiPG/Extron ShareLink/Teq AV IT/SHARP PN-L703WA/Optoma WPS-Pro/Blackbox HD WPS/InFocus LiteShow - Remote Command Injection03-05-2019
Blue Angel Software Suite - Command Execution03-05-2019
Wordpress Plugin Social Warfare < 3.5.3 - Remote Code Execution03-05-2019
Zotonic < 0.47.0 mod_admin - Cross-Site Scripting03-05-2019
Windows PowerShell ISE - Remote Code Execution03-05-2019
Ruby On Rails - DoubleTap Development Mode secret_key_base Remote Code Execution (Metasploit)02-05-2019
CentOS Web Panel 0.9.8.793 (Free) / v0.9.8.753 (Pro) / 0.9.8.807 (Pro) - Domain Field (Add DNS Zone) Cross-Site Scripting01-05-2019
Spring Cloud Config 2.1.x - Path Traversal (Metasploit)30-04-2019
Intelbras IWR 3000N 1.5.0 - Cross-Site Request Forgery30-04-2019
Moodle 3.6.3 - 'Install Plugin' Remote Command Execution (Metasploit)30-04-2019
Joomla! Component ARI Quiz 3.7.4 - SQL Injection30-04-2019
Veeam ONE Reporter 9.5.0.3201 - Persistent Cross-site Scripting (Add/Edit Widget)30-04-2019
Freefloat FTP Server 1.0 - 'SIZE' Remote Buffer Overflow30-04-2019
Netgear DGN2200 / DGND3700 - Admin Password Disclosure30-04-2019
HumHub 1.3.12 - Cross-Site Scripting30-04-2019
Joomla! Component JiFile 2.3.1 - Arbitrary File Download30-04-2019
Veeam ONE Reporter 9.5.0.3201 - Persistent Cross-Site Scripting30-04-2019
Intelbras IWR 3000N - Denial of Service (Remote Reboot)30-04-2019
Freefloat FTP Server 1.0 - 'STOR' Remote Buffer Overflow30-04-2019
Domoticz 4.10577 - Unauthenticated Remote Command Execution30-04-2019
Veeam ONE Reporter 9.5.0.3201 - Multiple Cross-Site Request Forgery30-04-2019
Agent Tesla Botnet - Information Disclosure30-04-2019