diff --git a/README.md b/README.md
index 3997810..029044c 100644
--- a/README.md
+++ b/README.md
@@ -1014,7 +1014,7 @@
 -  [在没有执行和写入权限下注入shellcode-Process Injection without Write_Execute Permission](./books/Process20%Injection20%without20%Write_Execute20%Permission20%_20%Ret2Pwn.pdf)
 -  [利用PHAR协议进行PHP反序列化攻击](./books/利用PHAR协议进行PHP反序列化攻击.pdf)
 -  [Seacms代码审计小结(后台多处getshell)](./books/Seacms代码审计小结(后台多处getshell).pdf)-[原文地址](https://xz.aliyun.com/t/9777)
--  [SpringBoot 框架华夏 ERP 源码审计『java代码审计』](./books/SpringBoot20%框架华夏20%ERP20%源码审计.pdf)
+-  [SpringBoot 框架华夏 ERP 源码审计『java代码审计』](./books/SpringBoot20%框架华夏20%ERP20%源码审计.pdf)|[华夏ERP_v2.3.1最新版SQL与RCE的审计过程](./books/华夏ERP_v2.3.1最新版SQL与RCE的审计过程.pdf)
 -  [盘企LCMS的代码审计『CNVD-2021-28469』](./books/盘企LCMS的代码审计『CNVD-2021-28469』.pdf)-[原文地址](https://xz.aliyun.com/t/9800)
 -  [科迈 RAS4.0 审计分析](./books/科迈20%RAS4.020%审计分析.pdf)-[原文地址](https://xz.aliyun.com/t/9809)
 
diff --git a/books/华夏ERP_v2.3.1最新版SQL与RCE的审计过程.pdf b/books/华夏ERP_v2.3.1最新版SQL与RCE的审计过程.pdf
new file mode 100644
index 0000000..2a601c0
Binary files /dev/null and b/books/华夏ERP_v2.3.1最新版SQL与RCE的审计过程.pdf differ