diff --git a/C#/obj/Debug/net8.0/c2.AssemblyInfo.cs b/C#/obj/Debug/net8.0/c2.AssemblyInfo.cs index 7b817e5..d68b696 100644 --- a/C#/obj/Debug/net8.0/c2.AssemblyInfo.cs +++ b/C#/obj/Debug/net8.0/c2.AssemblyInfo.cs @@ -13,7 +13,7 @@ [assembly: System.Reflection.AssemblyCompanyAttribute("c2")] [assembly: System.Reflection.AssemblyConfigurationAttribute("Debug")] [assembly: System.Reflection.AssemblyFileVersionAttribute("1.0.0.0")] -[assembly: System.Reflection.AssemblyInformationalVersionAttribute("1.0.0+0d4214d8d957a44663e1f74da0bdea0972a27726")] +[assembly: System.Reflection.AssemblyInformationalVersionAttribute("1.0.0+25af4e3c57f5abb8d44bfbea227fbb54cf05b8ba")] [assembly: System.Reflection.AssemblyProductAttribute("c2")] [assembly: System.Reflection.AssemblyTitleAttribute("c2")] [assembly: System.Reflection.AssemblyVersionAttribute("1.0.0.0")] diff --git a/C#/obj/Debug/net8.0/c2.AssemblyInfoInputs.cache b/C#/obj/Debug/net8.0/c2.AssemblyInfoInputs.cache index 4450a45..2cdefab 100644 --- a/C#/obj/Debug/net8.0/c2.AssemblyInfoInputs.cache +++ b/C#/obj/Debug/net8.0/c2.AssemblyInfoInputs.cache @@ -1 +1 @@ -e42c94a693dd68ab4e838e9363900efb3eabd2d7217a54e4c2aa5e9f95858206 +36a662ff3cfb3e1f65da1c94942d2800c393361abfd38b1cb1a61b0fb99a1e08 diff --git a/python/P11.py b/python/P11.py new file mode 100644 index 0000000..26d34d6 --- /dev/null +++ b/python/P11.py 
@@ -0,0 +1,39 @@
+# sql_injection.py
+import sqlite3
+from flask import Flask, request
+
+app = Flask(__name__)
+DB = "test.db"
+
+# def init_db():
+# conn = sqlite3.connect(DB)
+# conn.execute("CREATE TABLE IF NOT EXISTS users (id INTEGER PRIMARY KEY, username TEXT, password TEXT)")
+# conn.execute("INSERT OR IGNORE INTO users (id, username, password) VALUES (1, 'alice', 'passw0rd')")
+# conn.commit()
+# conn.close()
+
+# @app.route("/user")
+# def user():
+# init_db()
+# username = request.args.get("username", "")
+# # WARNING: vulnerable to SQL injection
+# query = "SELECT id, username FROM users WHERE username = '%s'" % username
+# conn = sqlite3.connect(DB)
+# cursor = conn.cursor()
+# cursor.execute(query)
+# row = cursor.fetchone()
+# conn.close()
+# return str(row)
+
+def render_template(template_str, user_input):
+ return template_str.replace("{{user}}", user_input)
+
+def list_directory(directory):
+ return subprocess.check_output(f"ls {directory}", shell=True)
+
+def jsonp_callback(request):
+ callback = request.GET.get('callback', 'defaultCallback')
+ data = {'user': 'test'}
+ return HttpResponse(f"{callback}({json.dumps(data)})")
+
+def parse_xml(xml_data):
\ No newline at end of file
diff --git a/python/django.py b/python/django.py
index 3beac97..73475f0 100644
--- a/python/django.py
+++ b/python/django.py
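Review bot: In python/P11.py, `list_directory` interpolates `directory` into a command string and runs it with `shell=True`, so any caller-supplied value is parsed by the shell (CWE-78). Pass an argument list instead, `return subprocess.check_output(["ls", "--", directory])`, or use `os.listdir(directory)` and skip the subprocess entirely. `jsonp_callback` writes the `callback` query parameter into the response body unchecked; it should be accepted only when it matches a strict identifier pattern such as `^[A-Za-z_][A-Za-z0-9_]*$`, and `render_template` likewise substitutes `user_input` with no output escaping. The file as added also cannot be imported: `subprocess`, `json` and `HttpResponse` are never imported, and `parse_xml` ends at its signature with no body.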
@@ -22,17 +22,17 @@ def created(self, obj): return obj.timestamp.strftime('%Y-%m-%d %H:%M:%S') created.short_description = 'Created' - def user_url(self, obj): - if obj.actor: - app_label, model = settings.AUTH_USER_MODEL.split('.') - viewname = 'admin:%s_%s_change' % (app_label, model.lower()) - try: - link = urlresolvers.reverse(viewname, args=[obj.actor.id]) - except NoReverseMatch: - return u'%s' % (obj.actor) - return format_html(u'{}', link, obj.actor) - - return 'system' + # def user_url(self, obj): + # if obj.actor: + # app_label, model = settings.AUTH_USER_MODEL.split('.') + # viewname = 'admin:%s_%s_change' % (app_label, model.lower()) + # try: + # link = urlresolvers.reverse(viewname, args=[obj.actor.id]) + # except NoReverseMatch: + # return u'%s' % (obj.actor) + # return format_html(u'{}', link, obj.actor) + + # return 'system' user_url.short_description = 'User' def msg_short(self, obj): diff --git a/python/p1.py b/python/p1.py index 1801a95..2e4afb7 100644 --- a/python/p1.py +++ b/python/p1.py @@ -1,11 +1,11 @@ # Vulnerability 1: SQL Injection (CWE-89) -def get_user(username): - import sqlite3 - conn = sqlite3.connect('users.db') - cursor = conn.cursor() - query = "SELECT * FROM users WHERE username = '" + username + "'" # SQLi - cursor.execute(query) - return cursor.fetchall() +# def get_user(username): +# import sqlite3 +# conn = sqlite3.connect('users.db') +# cursor = conn.cursor() +# query = "SELECT * FROM users WHERE username = '" + username + "'" # SQLi +# cursor.execute(query) +# return cursor.fetchall() # Vulnerability 2: Command Injection (CWE-78) def ping_host(host): diff --git a/python/p12.py b/python/p12.py new file mode 100644 index 0000000..e69de29
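Review bot: In the python/django.py hunk, `user_url` is commented out but the context line right after it, `user_url.short_description = 'User'`, is still live, so unless `user_url` is defined elsewhere that assignment raises `NameError` when the enclosing body is executed at import time. Remove or comment out that line together with the method, e.g. `# user_url.short_description = 'User'`. Any `list_display` or `readonly_fields` entry naming `user_url` would need the same treatment; the enclosing class starts outside this hunk, so that cannot be checked from here. Deleting the method rather than leaving eleven commented lines would also keep the file readable, and the same applies to the commented-out `get_user` in python/p1.py.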