diff --git a/README.md b/README.md
index aeb106d..6ddfe29 100644
--- a/README.md
+++ b/README.md
@@ -127,7 +127,7 @@
 - [CVE-2019-2107-Android播放视频-RCE-POC(Android 7.0版本，7.1.1版本，7.1.2版本，8.0版本，8.1版本，9.0版本)](https://github.com/marcinguy/CVE-2019-2107)
 - [CVE-2019-19844-Django重置密码漏洞(受影响版本:Django master branch,Django 3.0,Django 2.2,Django 1.11)](https://github.com/ryu22e/django_cve_2019_19844_poc/)
 - [CVE-2019-17556-unsafe-deserialization-in-apache-olingo(Apache Olingo反序列化漏洞，影响: 4.0.0版本至4.6.0版本)](https://medium.com/bugbountywriteup/cve-2019-17556-unsafe-deserialization-in-apache-olingo-8ebb41b66817)
-- [ZZCMS201910 SQL Injections](./ZZCMS201910%20SQL%20Injections.md)
+- [ZZCMS201910 SQL Injections](./ZZCMS201910%20SQL%20Injections.md)|[ZZCMS201910代码审计](./books/ZZCMS201910代码审计.pdf)
 - [WDJACMS1.5.2模板注入漏洞](./WDJACMS1.5.2模板注入漏洞.md)
 - [CVE-2019-19781-Remote Code Execution Exploit for Citrix Application Delivery Controller and Citrix Gateway](https://github.com/projectzeroindia/CVE-2019-19781)
 - [CVE-2019-19781.nse---use Nmap check  Citrix ADC Remote Code Execution](https://github.com/cyberstruggle/DeltaGroup/tree/master/CVE-2019-19781)
diff --git a/books/ZZCMS201910代码审计.pdf b/books/ZZCMS201910代码审计.pdf
new file mode 100644
index 0000000..5c2934d
Binary files /dev/null and b/books/ZZCMS201910代码审计.pdf differ