diff --git a/exploits/php/webapps/50272.txt b/exploits/php/webapps/50272.txt
new file mode 100644
index 000000000..8b0ca8ba4
--- /dev/null
+++ b/exploits/php/webapps/50272.txt
@@ -0,0 +1,22 @@
+# Exploit Title: Bus Pass Management System 1.0 - 'adminname' Stored Cross-Site Scripting (XSS)
+# Date: 2021-09-08
+# Exploit Author: Emre Aslan
+# Vendor Homepage: https://phpgurukul.com/
+# Software Link: https://phpgurukul.com/wp-content/uploads/2021/07/Bus-Pass-Management-System-Using-PHP-MySQL.zip
+# Version: 1.0
+# Tested on: Windows 11 - XAMPP Server
+
+# Vulnerable page: host/admin/*
+
+# Vulnerable Code:
Admin[PAYLOAD]
+
+# Vulnerable Parameter: adminname[ POST Data ]
+
+# Tested Payload: