diff --git a/OFBiz/CVE-2018-8033/CVE-2018-8033.gif b/OFBiz/CVE-2018-8033/CVE-2018-8033.gif new file mode 100644 index 0000000..7c1087e Binary files /dev/null and b/OFBiz/CVE-2018-8033/CVE-2018-8033.gif differ diff --git a/OFBiz/CVE-2018-8033/README.md b/OFBiz/CVE-2018-8033/README.md new file mode 100644 index 0000000..dfa92a3 --- /dev/null +++ b/OFBiz/CVE-2018-8033/README.md @@ -0,0 +1,11 @@ +# CVE-2018-8033 Apache OFBiz XXE File Read + +In Apache OFBiz 16.11.01 to 16.11.04, the OFBiz HTTP engine (org.apache.ofbiz.service.engine.HttpEngine.java) handles requests for HTTP services via the /webtools/control/httpService endpoint. Both POST and GET requests to the httpService endpoint may contain three parameters: serviceName, serviceMode, and serviceContext. The exploitation occurs by having DOCTYPEs pointing to external references that trigger a payload that returns secret information from the host. + +**Affected version**: Apache OFBiz 16.11.01 - 16.11.04 + +**[FOFA](https://fofa.so/result?q=header%3D%22Set-Cookie%3A+OFBiz.Visitor%22&qbase64=aGVhZGVyPSJTZXQtQ29va2llOiBPRkJpei5WaXNpdG9yIg%3D%3D&file=&file=) query rule**: header="Set-Cookie: OFBiz.Visitor" + +# Demo + +![](CVE-2018-8033.gif) \ No newline at end of file
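Review bot: the README hunk states the affected range (Apache OFBiz 16.11.01 - 16.11.04), the vulnerable component (HttpEngine) and the endpoint and parameters involved, but gives no fixed version and no remediation section, so a reader cannot tell which release closes the XXE or what to do on an affected install; add a `**Fixed version**: <release from the vendor advisory>` line next to the `**Affected version**` line, or at minimum a link to the vendor advisory for CVE-2018-8033. Two smaller points on the same hunk: `# Demo` is a second top-level heading in an eleven-line file and reads better as `## Demo`, and the file ends without a trailing newline (`\ No newline at end of file`). The image reference `![](CVE-2018-8033.gif)` also has empty alt text; a short description of what the recording shows would help.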