BugSearch is an information portal focused on applications security, web oriented and not. We offer our services to disclose our registered users on security alerts found on the net, in order to warn them as soon as possible on bugs, system flaws, exploits and threats afflicting applications and possible patches.

New Feature: Post New Exploit

Register now to start receiving our security alerts of your favourite applications or try our new Android App which will keep you updated everywhere you are!


Last Advisories
FarsiNews <= 2.5 Directory Traversal Arbitrary (users.db) Access Exploit28-02-2006
MyBulletinBoard (MyBB) <= 1.03 (misc.php COMMA) SQL Injection28-02-2006
FreeBSD 6.0 (nfsd) Remote Kernel Panic Denial of Service Exploit28-02-2006
Kerio Personal Firewall <= 2.1.4 Remote Authentication Packet Overflow28-02-2006
CrossFire <= 1.8.0 (oldsocketmode) Remote Buffer Overflow PoC27-02-2006
4Images <= 1.7.1 (Local Inclusion) Remote Code Execution Exploit26-02-2006
SCO Unixware 7.1.3 (ptrace) Local Privilege Escalation Exploit26-02-2006
iGENUS WebMail <= 2.0.2 (config_inc.php) Remote Code Execution Exploit25-02-2006
Pentacle In-Out Board <= 6.03 (newsdetailsview) Remote SQL Injection25-02-2006
Pentacle In-Out Board <= 6.03 (login.asp) Remote Auth Bypass25-02-2006
SaphpLesson 2.0 (forumid) Remote SQL Injection Exploit25-02-2006
ArGoSoft FTP Server <= 1.4.3.5 Remote Buffer Overflow PoC25-02-2006
PwsPHP <= 1.2.3 (index.php) Remote SQL Injection Exploit25-02-2006
phpWebSite <= 0.10.0-full (topics.php) Remote SQL Injection Exploit24-02-2006
Lansuite <= 2.1.0 Beta (fid) Remote SQL Injection Exploit24-02-2006
NOCC Webmail <= 1.0 (Local Inclusion) Remote Code Execution Exploit23-02-2006
PHP-Nuke 7.5 - 7.8 (Search) Remote SQL Injection Exploit23-02-2006
VHCS <= 2.4.7.1 (Add User) Authentication Bypass Exploit23-02-2006
Mac OS X Safari Browser (Safe File) Remote Code Execution Exploit22-02-2006
MS Windows Media Player Plugin Overflow Exploit (MS06-006)(3)22-02-2006
Noahs Classifieds <= 1.3 (lowerTemplate) Remote Code Execution22-02-2006
phpBB <= 2.0.18 Remote Bruteforce-Dictionary Attack Tool (updated)20-02-2006
GeekLog 1.* (error.log) Remote Commands Execution Exploit (gpc = Off)20-02-2006
ilchClan <= 1.05g (tid) Remote SQL Injection Exploit20-02-2006
PunBB <= 2.0.10 (Register Multiple Users) Denial of Service Exploit20-02-2006
MySQL 4.x-5.0 User-Defined Function Local Privilege Escalation Exploit20-02-2006
Admbook <= 1.2.2 (X-Forwarded-For) Remote Command Execution Exploit19-02-2006
BXCP <= 0.2.9.9 (tid) Remote SQL Injection Exploit19-02-2006
MiniNuke <= 1.8.2b (pages.asp) Remote SQL Injection Exploit19-02-2006
MS Windows Media Player 9 Plugin Overflow Exploit (MS06-006) (meta)17-02-2006