diff --git a/Tenda/uploadWewifiPic RCE/README.md b/Tenda/uploadWewifiPic RCE/README.md new file mode 100644 index 0000000..46d3379 --- /dev/null +++ b/Tenda/uploadWewifiPic RCE/README.md @@ -0,0 +1,9 @@ +# Tenda Auth uploadWewifiPic RCE + +Tenda router is an efficient and practical router. There is a command execution vulnerability in the uploadWewifiPic route in the background of Tenda routers. Attackers can use the vulnerability to execute arbitrary commands to obtain server permissions. + +FOFA **query rule**: [body="Tenda|登录" && body="tenda.css"](https://fofa.info/result?qbase64=Ym9keT0iVGVuZGF855m75b2VIiAmJiBib2R5PSJ0ZW5kYS5jc3Mi) + +# Demo + +![Tenda_Auth_uploadWewifiPic_RCE](Tenda_Auth_uploadWewifiPic_RCE.gif) diff --git a/Tenda/uploadWewifiPic RCE/Tenda_Auth_uploadWewifiPic_RCE.gif b/Tenda/uploadWewifiPic RCE/Tenda_Auth_uploadWewifiPic_RCE.gif new file mode 100644 index 0000000..5bc53a5 Binary files /dev/null and b/Tenda/uploadWewifiPic RCE/Tenda_Auth_uploadWewifiPic_RCE.gif differ diff --git a/Zabbix/CVE-2022-23131/README.md b/Zabbix/CVE-2022-23131/README.md new file mode 100644 index 0000000..80024a7 --- /dev/null +++ b/Zabbix/CVE-2022-23131/README.md @@ -0,0 +1,9 @@ +# Zabbix Login Bypass (CVE-2022-23131) + +Zabbix is an open source monitoring system. The system supports network monitoring, server monitoring, cloud monitoring and application monitoring, etc. A login bypass vulnerability exists in Zabbix that arises when SAML SSO authentication is enabled (not default). An unauthenticated malicious attacker could exploit the vulnerability to escalate privileges and gain administrator access to the Zabbix frontend. + +FOFA **query rule**: [body="SAML" && (banner="zbx_session=" || header="zbx_session=")](https://fofa.info/result?qbase64=Ym9keT0iU0FNTCIgJiYgKGJhbm5lcj0iemJ4X3Nlc3Npb249IiB8fCBoZWFkZXI9InpieF9zZXNzaW9uPSIp) + +# Demo + +![Zabbix_Login_Bypass_CVE_2022_23131](Zabbix_Login_Bypass_CVE_2022_23131.gif) 
diff --git a/Zabbix/CVE-2022-23131/Zabbix_Login_Bypass_CVE_2022_23131.gif b/Zabbix/CVE-2022-23131/Zabbix_Login_Bypass_CVE_2022_23131.gif new file mode 100644 index 0000000..0e51c4e Binary files /dev/null and b/Zabbix/CVE-2022-23131/Zabbix_Login_Bypass_CVE_2022_23131.gif differ
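Review bot: In the new Tenda/uploadWewifiPic RCE/README.md, the title says "Auth" but the description paragraph never states that the uploadWewifiPic route requires a logged-in session, so a reader cannot judge exposure from the text; state the authentication requirement explicitly in the description. The paragraph also names no affected model or firmware version, no advisory or CVE reference and no mitigation, and its opening sentence ("Tenda router is an efficient and practical router") carries no technical information and could give way to that scope. Minor: "# Demo" is a second top-level heading in the same file; "## Demo" would keep a single H1.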
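Review bot: In the new Zabbix/CVE-2022-23131/README.md, the description gives the precondition (SAML SSO authentication enabled, not default) but no affected or fixed version range and no link to the vendor advisory, so a defender cannot tell from this file whether an instance is still exposed or what to upgrade to; add both after the description paragraph. The "# Demo" heading is a second H1 in the file and would read better as "## Demo". The GIF is the only description of impact beyond the summary, so a one-line text caption saying what it shows would help readers who cannot view the image.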