BugSearch is an information portal focused on applications security, web oriented and not. We offer our services to disclose our registered users on security alerts found on the net, in order to warn them as soon as possible on bugs, system flaws, exploits and threats afflicting applications and possible patches.

New Feature: Post New Exploit

Register now to start receiving our security alerts of your favourite applications or try our new Android App which will keep you updated everywhere you are!


Last Advisories
phpSecurePages <= 0.28b (secure.php) Remote File Include Vulnerability28-09-2006
phpBB XS <= 0.58a (phpbb_root_path) Remote File Include Vulnerability28-09-2006
Newswriter SW <= 1.42 (editfunc.inc.php) File Include Vulnerability27-09-2006
MS Internet Explorer WebViewFolderIcon setSlice() Overflow Exploit27-09-2006
Blog Pixel Motion 2.1.1 PHP Code Execution - Create Admin Exploit27-09-2006
A-Blog 2.0 Multiple Remote File Include Vulnerabilities27-09-2006
Newswriter SW 1.4.2 (main.inc.php) Remote File Include Exploit27-09-2006
OpenSSH <= 4.3 p1 (Duplicated Block) Remote Denial of Service Exploit27-09-2006
NaviCOPA Web Server 2.01 (GET) Remote Buffer Overflow Exploit27-09-2006
NaviCOPA Web Server 2.01 (GET) Remote Buffer Overflow Exploit27-09-2006
WEB--NEWS <= 1.4 (parser.php) Remote File Include Vulnerability26-09-2006
A-Blog V2 (menu.php) Remote File Include Vulnerability26-09-2006
paBugs <= 2.0 Beta 3 (class.mysql.php) Remote File Include Exploit26-09-2006
Kietu? <= 4.0.0b2 (hit.php) Remote File Include Vulnerability26-09-2006
MS Internet Explorer (VML) Remote Buffer Overflow Exploit (SP2) (pl)25-09-2006
Polaring <= 0.04.03 (general.php) Remote File Include Vulnerability25-09-2006
PBLang <= 4.66z (temppath) Remote File Include Vulnerability25-09-2006
Minerva <= 2.0.21 build 238a (phpbb_root_path) File Include Vulnerability25-09-2006
evoBB <= 0.3 (path) Remote File Include Vulnerability25-09-2006
BrudaNews <= 1.1 (admin-index.php) Remote File Include Vulnerability25-09-2006
BrudaGB <= 1.1 (admin-index.php) Remote File Include Vulnerability25-09-2006
faceStones personal <= 2.0.42 (fs_form_links.php) File Include Vuln25-09-2006
Web-News <= 1.6.3 (template.php) Remote File Include Vulnerability24-09-2006
ZoomStats <= 1.0.2 (mysql.php) Remote File Include Vulnerability24-09-2006
Spidey Blog Script <= 1.5 (tr) Remote SQL Injection Exploit24-09-2006
Advaced-Clan-Script <= 3.4 (mcf.php) Remote File Include Vulnerability24-09-2006
iyzi Forum <= 1.0 Beta 3 (uye_ayrinti.asp) Remote SQL Injection24-09-2006
SyntaxCMS <= 1.3 (0004_init_urls.php) Remote File Include Vulnerability24-09-2006
MS Internet Explorer (VML) Remote Buffer Overflow Exploit (XP SP2)24-09-2006
exV2 <= 2.0.4.3 extract() Remote Command Execution Exploit22-09-2006