BugSearch is an information portal focused on applications security, web oriented and not. We offer our services to disclose our registered users on security alerts found on the net, in order to warn them as soon as possible on bugs, system flaws, exploits and threats afflicting applications and possible patches.

New Feature: Post New Exploit

Register now to start receiving our security alerts of your favourite applications or try our new Android App which will keep you updated everywhere you are!


Last Advisories
Xtreme-Ditto News <= 1.0 (post.php) Remote File Include Vulnerability07-06-2006
QBik Wingate 6.1.1.1077 (POST) Remote Buffer Overflow Exploit07-06-2006
Wikiwig <= 4.1 (wk_lang.php) Remote File Include Vulnerability06-06-2006
myNewsletter <= 1.1.2 (adminLogin.asp) Login Bypass Exploit06-06-2006
Claroline <= 1.7.6 (includePath) Remote Code Execution Exploit05-06-2006
Particle Wiki <= 1.0.2 (version) Remote SQL Injection Vulnerability05-06-2006
dotWidget CMS <= 1.0.6 (file_path) Remote File Include Vulnerabilities05-06-2006
Linux Kernel < 2.6.16.18 (Netfilter NAT SNMP Module) Remote DoS Exploit05-06-2006
DreamAccount <= 3.1 (da_path) Remote File Include Vulnerabilities05-06-2006
Dmx Forum <= 2.1a (edit.php) Remote Password Disclosure Exploit05-06-2006
FunkBoard CF0.71 (profile.php) Remote User Pass Change Exploit04-06-2006
SCart 2.0 (page) Remote Code Execution Exploit04-06-2006
Pixelpost <= 1-5rc1-2 Remote Privilege Escalation Exploit03-06-2006
DotClear <= 1.2.4 (prepend.php) Arbitrary Remote Inclusion Exploit03-06-2006
BlueShoes Framework <= 4.6 Remote File Include Vulnerabilities03-06-2006
WebspotBlogging <= 3.0.1 (path) Remote File Include Vulnerability03-06-2006
CS-Cart <= 1.3.3 (classes_dir) Remote File Include Vulnerability03-06-2006
ProPublish 2.0 (catid) Remote SQL Injection Vulnerability03-06-2006
LifeType <= 1.0.4 SQL Injection - Admin Credentials Disclosure Exploit03-06-2006
Redaxo CMS <= 3.2 (INCLUDE_PATH) Remote File Include Vulnerabilities02-06-2006
iShopCart vGetPost() Remote Buffer Overflow Exploit (cgi)02-06-2006
Igloo <= 0.1.9 (Wiki.php) Remote File Include Vulnerability02-06-2006
ashNews 0.83 (pathtoashnews) Remote File Include Vulnerabilities02-06-2006
Informium 0.12.0 (common-menu.php) Remote File Include Vulnerabilities02-06-2006
PHP-Nuke <= 7.9 Final (phpbb_root_path) Remote File Inclusions02-06-2006
Mozilla Firefox <= 1.5.0.4 (marquee) Denial of Service Exploit02-06-2006
TinyPHP Forum <= 3.6 (profile.php) Remote Code Execution Exploit01-06-2006
AssoCIateD CMS 1.1.3 (root_path) Remote File Include Vulnerability01-06-2006
aspWebLinks 2.0 Remote SQL Injection - Admin Pass Change Exploit01-06-2006
Bytehoard 2.1 (server.php) Remote File Include Vulnerability01-06-2006