diff --git a/PbootCMS/PbootCMS_parserIfLabel_RCE/PbootCMS_parserIfLabel_RCE.gif b/PbootCMS/PbootCMS_parserIfLabel_RCE/PbootCMS_parserIfLabel_RCE.gif
new file mode 100644
index 0000000..f27d553
Binary files /dev/null and b/PbootCMS/PbootCMS_parserIfLabel_RCE/PbootCMS_parserIfLabel_RCE.gif differ
diff --git a/PbootCMS/PbootCMS_parserIfLabel_RCE/PbootCMS_parserIfLabel_RCE.md b/PbootCMS/PbootCMS_parserIfLabel_RCE/PbootCMS_parserIfLabel_RCE.md
new file mode 100644
index 0000000..ad64a3d
--- /dev/null
+++ b/PbootCMS/PbootCMS_parserIfLabel_RCE/PbootCMS_parserIfLabel_RCE.md
@@ -0,0 +1,9 @@
+# PbootCMS parserIfLabel RCE
+
+A Remote Code Execution vulnerability exists in parserIfLabel function. Exploit demand: PbootCMS 3.0.1-3.0.4, PHP >= 7.0, system() function is not forbidden.
+
+**FOFAquery rule**: [app="PBOOTCMS"](https://fofa.so/result?qbase64=YXBwPSJQQk9PVENNUyI%3D)
+
+# Demo
+
+![](PbootCMS_parserIfLabel_RCE.gif)
\ No newline at end of file