BugSearch is an information portal focused on applications security, web oriented and not. We offer our services to disclose our registered users on security alerts found on the net, in order to warn them as soon as possible on bugs, system flaws, exploits and threats afflicting applications and possible patches.

New Feature: Post New Exploit

Register now to start receiving our security alerts of your favourite applications or try our new Android App which will keep you updated everywhere you are!


Last Advisories
Invision Power Board <= 2.0.3 Login.PHP SQL Injection Exploit26-05-2005
Exim <= 4.41 dns_build_reverse Local Exploit25-05-2005
Mozilla Firefox view-source:javascript url Code Execution Exploit21-05-2005
TCP TIMESTAMPS Denial of Service Exploit21-05-2005
Fusion SBX <= 1.2 Remote Command Execution Exploit20-05-2005
WebAPP v0.9.9.2.1 Remote Command Execution Exploit (2nd updated)20-05-2005
WebAPP v0.9.9.2.1 Remote Command Execution Exploit (1st)20-05-2005
Woltlab Burning Board <= 2.3.1 register.php SQL-Injection Exploit20-05-2005
AIX 5.1 Bellmail Local Race Condition Exploit (Instructions w- Exploit)19-05-2005
BakBone NetVault 6.x-7.x Remote Heap Buffer Overflow17-05-2005
ZPanel <= 2.5b10 Remote SQL Injection Exploit17-05-2005
Linux Mandrake <= 10.2 cdrdao Local Root Exploit (unfixed)17-05-2005
Linux Kernel <= 2.6.12-rc4 (ioctl_by_bdev) Local Denial of Service Exploit17-05-2005
Gaim <= 1.2.1 URL Handling Remote Stack Overflow Exploit17-05-2005
MS Windows XP-2003 IPv6 Remote Denial of Service Exploit17-05-2005
BakBone NetVault 6.x-7.x Remote Heap Buffer Overflow17-05-2005
PhotoPost Arbitrary Data Remote Exploit13-05-2005
Remote File Manager 1.0 Denial of Service Exploit08-05-2005
Ethereal <= 0.10.10 (dissect_ipc_state) Remote Denial of Service Exploit07-05-2005
Mozilla Firefox Install Method Remote Arbitrary Code Execution Exploit07-05-2005
Hosting Controller <= 0.6.1 Unauthenticated User Registeration (2nd)07-05-2005
ZeroBoard Worm Source Code06-05-2005
DataTrac Activity Console Denial of Service Exploit06-05-2005
dSMTP Mail Server 3.1b Linux Remote Root Format String Exploit05-05-2005
dSMTP Mail Server 3.1b Linux Remote Root Format String Exploit05-05-2005
Ashley's Web Server Denial of Service Exploit04-05-2005
Hosting Controller <= 0.6.1 Unauthenticated User Registration Exploit04-05-2005
I-Mall Commerce (i-mall.cgi) Remote Command Execution Exploit04-05-2005
HP-UX FTPD <= 1.1.214.4 "REST" Remote Brute Force Exploit03-05-2005
Subversion 0.3.7-1.0.0 Remote Buffer Overflow Exploit03-05-2005