diff --git a/README.md b/README.md new file mode 100644 index 0000000..e8130c3 --- /dev/null +++ b/README.md 
@@ -0,0 +1,1298 @@ +# CVE Dashboard + +A comprehensive vulnerability management system designed for tracking CVE (Common Vulnerabilities and Exposures) remediation status and maintaining vendor documentation compliance. + +![Charter Communications](https://img.shields.io/badge/Charter-Communications-0476D9) +![Version](https://img.shields.io/badge/version-1.0.0-blue) +![License](https://img.shields.io/badge/license-Internal-red) + +--- + +## πŸ“‹ Table of Contents + +- [Overview](#overview) +- [Key Features](#key-features) +- [Architecture](#architecture) +- [Prerequisites](#prerequisites) +- [Installation](#installation) +- [Configuration](#configuration) +- [Usage Guide](#usage-guide) +- [API Documentation](#api-documentation) +- [Database Schema](#database-schema) +- [File Organization](#file-organization) +- [Troubleshooting](#troubleshooting) +- [Roadmap](#roadmap) +- [Contributing](#contributing) +- [Author](#author) + +--- + +## 🎯 Overview + +The CVE Dashboard solves a critical problem in vulnerability management: **quickly determining whether a CVE has been addressed and if required vendor documentation exists** before requesting false positive designations from security teams. + +### Problem Statement + +Security teams report vulnerabilities that may not apply to your environment. Before requesting a false positive designation, you need to: +1. βœ… Verify if the CVE has already been addressed +2. βœ… Confirm you have required vendor documentation (advisories, correspondence, proof of remediation) +3. 
βœ… Maintain organized records for audits and compliance + +### Solution + +This dashboard provides: +- **Instant CVE status verification** via Quick Check +- **Document compliance tracking** to ensure you have required vendor documentation +- **Automated file organization** maintaining the structure: `CVE-ID/Vendor/Documents` +- **Searchable database** with filters for vendor, severity, and status +- **RESTful API** for integration with other systems + +--- + +## ✨ Key Features + +### πŸ” Quick CVE Status Check +- **Instant verification**: Enter any CVE ID and immediately see if it's been addressed +- **Document compliance**: Shows which documents are present (Advisory βœ“, Email β—‹, Screenshot β—‹) +- **Visual indicators**: Color-coded results (green = addressed, yellow = not found, red = missing required docs) + +### πŸ“‚ Document Management +- **Upload documents**: PDF, images, Word docs, text files (up to 10MB) +- **Automatic organization**: Files stored as `uploads/CVE-2024-1234/Microsoft/advisory.pdf` +- **Document types**: Advisory, Email, Screenshot, Patch, Other +- **View & Delete**: Direct links to view documents, delete with confirmation + +### πŸ”Ž Search & Filter +- **Search by CVE ID or description**: Find vulnerabilities quickly +- **Filter by vendor**: Microsoft, Cisco, Oracle, VMware, Adobe, etc. 
+- **Filter by severity**: Critical, High, Medium, Low +- **Real-time results**: Updates as you type + +### πŸ“Š Compliance Tracking +- **Document status badges**: "βœ“ Docs Complete" or "⚠ Incomplete" +- **Required documents**: Advisory (mandatory), Email (optional), Screenshot (optional) +- **Vendor-specific requirements**: Customizable per vendor + +### 🎨 Charter/Spectrum Branding +- **Corporate colors**: Charter Blue (#0476D9) throughout +- **Professional design**: Clean, modern interface +- **Responsive layout**: Works on desktop and tablets + +--- + +## πŸ—οΈ Architecture +``` +β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β” +β”‚ CVE Dashboard β”‚ +β”œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€ +β”‚ β”‚ +β”‚ β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β” β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β” β”‚ +β”‚ β”‚ Frontend β”‚ β”‚ Backend API β”‚ β”‚ +β”‚ β”‚ β”‚ HTTP β”‚ β”‚ β”‚ +β”‚ β”‚ React + │◄───────►│ Express.js β”‚ β”‚ +β”‚ β”‚ Tailwind β”‚ :3001 β”‚ β”‚ β”‚ +β”‚ β”‚ β”‚ β”‚ β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β” β”‚ β”‚ +β”‚ β”‚ Port: 3000 β”‚ β”‚ β”‚ SQLite DB β”‚ β”‚ β”‚ +β”‚ β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜ β”‚ β”‚ - cves β”‚ β”‚ β”‚ +β”‚ β”‚ β”‚ - documents β”‚ β”‚ β”‚ +β”‚ β”‚ β”‚ - required_docsβ”‚ β”‚ β”‚ +β”‚ β”‚ β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜ β”‚ β”‚ +β”‚ β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜ β”‚ +β”‚ β”‚ β”‚ +β”‚ β–Ό β”‚ +β”‚ β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β” β”‚ +β”‚ β”‚ File Storage β”‚ β”‚ +β”‚ β”‚ β”‚ β”‚ +β”‚ β”‚ uploads/ β”‚ β”‚ +β”‚ β”‚ └─ CVE-2024-1234/ β”‚ β”‚ +β”‚ β”‚ └─ Microsoft/ β”‚ β”‚ +β”‚ β”‚ β”œβ”€ 
advisory.pdfβ”‚ β”‚ +β”‚ β”‚ └─ email.pdf β”‚ β”‚ +β”‚ β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜ β”‚ +β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜ +``` + +### Technology Stack + +**Frontend:** +- React 18 +- Tailwind CSS (via CDN) +- Lucide React (icons) +- Fetch API + +**Backend:** +- Node.js v18+ +- Express.js 4 +- SQLite3 +- Multer (file uploads) +- CORS + +**Database:** +- SQLite (development/production) +- Easily upgradeable to PostgreSQL + +--- + +## πŸ“¦ Prerequisites + +- **Node.js**: v18.0.0 or higher +- **npm**: v8.0.0 or higher +- **Git**: For version control +- **Linux/Unix environment**: Tested on Ubuntu 20.04+ + +Check your versions: +```bash +node --version +npm --version +git --version +``` + +--- + +## πŸš€ Installation + +### 1. Clone the Repository +```bash +git clone https://vulcan.apophisnetworking.net/jramos/cve-dashboard.git +cd cve-dashboard +``` + +### 2. Install Backend Dependencies +```bash +cd backend +npm install +``` + +Expected packages: +- express +- sqlite3 +- multer +- cors + +### 3. Install Frontend Dependencies +```bash +cd ../frontend +npm install +``` + +Expected packages: +- react +- react-dom +- react-scripts +- lucide-react + +### 4. 
Initialize the Database +```bash +cd ../backend +node setup.js +``` + +This will: +- βœ… Create `cve_database.db` +- βœ… Create tables: `cves`, `documents`, `required_documents` +- βœ… Create indexes for fast queries +- βœ… Create `cve_document_status` view +- βœ… Create `uploads/` and `uploads/temp/` directories +- βœ… Insert default required documents for major vendors + +Expected output: +``` +πŸš€ CVE Database Setup +════════════════════════════════════════ +βœ“ Created uploads directory +βœ“ Database initialized successfully +βœ“ Database connection closed + +╔════════════════════════════════════════════════════════╗ +β•‘ CVE DATABASE SETUP COMPLETE! β•‘ +β•šβ•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β• +``` + +### 5. Configure Server IP + +Edit `frontend/src/App.js` and update the API URL (line 5): +```javascript +const API_BASE = 'http://YOUR_SERVER_IP:3001/api'; +``` + +Example: +```javascript +const API_BASE = 'http://192.168.2.117:3001/api'; +``` + +### 6. Add Tailwind CSS to Frontend + +Edit `frontend/public/index.html` and add this line in the `` section: +```html + +``` + +### 7. Create Startup Scripts (Optional but Recommended) + +**Create start-servers.sh:** +```bash +cd /home/cve-dashboard +cat > start-servers.sh << 'EOF' +#!/bin/bash +echo "Starting CVE Dashboard servers..." + +# Start backend +cd backend +nohup node server.js > backend.log 2>&1 & +BACKEND_PID=$! +echo "Backend started (PID: $BACKEND_PID)" + +# Start frontend +cd ../frontend +nohup npm start > frontend.log 2>&1 & +FRONTEND_PID=$! 
+echo "Frontend started (PID: $FRONTEND_PID)" + +# Save PIDs +echo $BACKEND_PID > ../backend.pid +echo $FRONTEND_PID > ../frontend.pid + +echo "βœ“ Both servers running in background" +echo " Backend: http://localhost:3001" +echo " Frontend: http://localhost:3000" +EOF + +chmod +x start-servers.sh +``` + +**Create stop-servers.sh:** +```bash +cat > stop-servers.sh << 'EOF' +#!/bin/bash +echo "Stopping CVE Dashboard servers..." + +if [ -f backend.pid ]; then + kill $(cat backend.pid) 2>/dev/null + rm backend.pid + echo "βœ“ Backend stopped" +fi + +if [ -f frontend.pid ]; then + kill $(cat frontend.pid) 2>/dev/null + rm frontend.pid + echo "βœ“ Frontend stopped" +fi + +pkill -f "node server.js" +pkill -f "react-scripts start" +echo "All servers stopped" +EOF + +chmod +x stop-servers.sh +``` + +--- + +## βš™οΈ Configuration + +### Backend Configuration + +**CORS Settings** (`backend/server.js`): +```javascript +app.use(cors({ + origin: ['http://localhost:3000', 'http://192.168.2.117:3000'], + credentials: true +})); +``` + +**File Upload Limits** (`backend/server.js`): +```javascript +const upload = multer({ + storage: storage, + limits: { fileSize: 10 * 1024 * 1024 } // 10MB limit +}); +``` + +**Port Configuration** (`backend/server.js`): +```javascript +const PORT = 3001; +``` + +### Frontend Configuration + +**API Base URL** (`frontend/src/App.js`): +```javascript +const API_BASE = 'http://192.168.2.117:3001/api'; +``` + +**Severity Levels** (`frontend/src/App.js`): +```javascript +const severityLevels = ['All Severities', 'Critical', 'High', 'Medium', 'Low']; +``` + +### Database Configuration + +**Add Required Documents for New Vendor:** +```bash +sqlite3 backend/cve_database.db +``` +```sql +INSERT INTO required_documents (vendor, document_type, is_mandatory, description) +VALUES ('Adobe', 'advisory', 1, 'Adobe Security Bulletin'); +``` + +**Update CVE Status Values:** + +Modify in `backend/server.js` or directly in database: +- `Open` - CVE identified, not yet 
addressed +- `Addressed` - CVE has been remediated +- `False Positive Requested` - Submitted to security team +- `False Positive Approved` - Confirmed false positive +- `Closed` - No action required + +--- + +## πŸ“– Usage Guide + +### Starting the Application + +**Option 1: Manual Start** +```bash +# Terminal 1 - Backend +cd /home/cve-dashboard/backend +node server.js + +# Terminal 2 - Frontend +cd /home/cve-dashboard/frontend +npm start +``` + +**Option 2: Using Startup Scripts** +```bash +cd /home/cve-dashboard +./start-servers.sh +``` + +**Access the application:** +- Frontend: `http://YOUR_SERVER_IP:3000` +- Backend API: `http://YOUR_SERVER_IP:3001` + +### Adding a New CVE + +1. Click the **"+ Add New CVE"** button (top right) +2. Fill in the form: + - **CVE ID**: e.g., `CVE-2024-1234` + - **Vendor**: e.g., `Microsoft` + - **Severity**: Critical, High, Medium, or Low + - **Description**: Brief description of the vulnerability + - **Published Date**: Date the CVE was published +3. Click **"Add CVE"** +4. CVE appears in the dashboard immediately + +### Uploading Documents + +1. Find the CVE in the list +2. Click **"View Documents"** to expand +3. Click **"Upload New Document"** +4. Select your file (PDF, PNG, JPG, TXT, DOC, DOCX) +5. When prompted, specify: + - **Document type**: advisory, email, screenshot, patch, other + - **Notes** (optional): Description or context +6. File uploads and organizes automatically + +**File Organization Example:** +``` +uploads/ +└── CVE-2024-1234/ + └── Microsoft/ + β”œβ”€β”€ 1706140800000-MS-Security-Advisory.pdf + β”œβ”€β”€ 1706140850000-Vendor-Email.pdf + └── 1706140900000-Patch-Screenshot.png +``` + +### Using Quick Check + +**Scenario: Security team reports CVE-2024-5678** + +1. Enter `CVE-2024-5678` in the **Quick Check** box +2. 
Click **"Check Status"** + +**Result A - Already Addressed:** +``` +βœ“ CVE Addressed +Vendor: Cisco +Severity: High +Status: Addressed +Documents: 2 attached +βœ“ Advisory βœ“ Email β—‹ Screenshot + +Ready for false positive request +``` + +**Result B - Not Found:** +``` +⚠ Not Found +This CVE has not been addressed yet. +No entry exists in the database. + +Action Required: Create entry and gather vendor documentation +``` + +**Result C - Incomplete:** +``` +βœ“ CVE Addressed +Documents: 1 attached +βœ— Advisory β—‹ Email β—‹ Screenshot + +Missing required advisory - obtain before requesting false positive +``` + +### Searching and Filtering + +**Search by CVE ID or Description:** +- Type in the search box +- Results filter in real-time + +**Filter by Vendor:** +- Select from dropdown: All Vendors, Microsoft, Cisco, Oracle, VMware, Adobe + +**Filter by Severity:** +- Select from dropdown: All Severities, Critical, High, Medium, Low + +**Combine Filters:** +- Search for "remote code" + Vendor: Microsoft + Severity: Critical + +### Viewing Documents + +1. Click **"View Documents"** on any CVE +2. See list of attached documents with: + - Document name + - Type (advisory, email, screenshot) + - File size + - Notes +3. Click **"View"** to open document in new tab +4. Select checkboxes to export multiple documents + +### Deleting Documents + +1. Expand documents for a CVE +2. Click red **"Delete"** button next to document +3. Confirm deletion in popup +4. Document removed from database and filesystem + +### Exporting Documents + +1. Expand documents for one or more CVEs +2. Check boxes next to documents you want to export +3. Click **"Export X Documents for Report"** at top +4. 
Currently shows alert (ready for integration with report system) + +--- + +## πŸ”Œ API Documentation + +Base URL: `http://YOUR_SERVER_IP:3001/api` + +### CVE Endpoints + +#### Get All CVEs +```http +GET /api/cves +``` + +**Query Parameters:** +- `search` (optional): Search term for CVE ID or description +- `vendor` (optional): Filter by vendor name +- `severity` (optional): Filter by severity level + +**Example:** +```bash +curl "http://192.168.2.117:3001/api/cves?vendor=Microsoft&severity=Critical" +``` + +**Response:** +```json +[ + { + "id": 1, + "cve_id": "CVE-2024-1234", + "vendor": "Microsoft", + "severity": "Critical", + "description": "Remote code execution vulnerability", + "published_date": "2024-01-15", + "status": "Addressed", + "created_at": "2024-01-26 10:30:00", + "updated_at": "2024-01-26 10:30:00", + "document_count": 3, + "doc_status": "Complete" + } +] +``` + +#### Check CVE Status +```http +GET /api/cves/check/:cveId +``` + +**Example:** +```bash +curl "http://192.168.2.117:3001/api/cves/check/CVE-2024-1234" +``` + +**Response (Found):** +```json +{ + "exists": true, + "cve": { + "cve_id": "CVE-2024-1234", + "vendor": "Microsoft", + "severity": "Critical", + "status": "Addressed", + "total_documents": 3, + "has_advisory": 1, + "has_email": 1, + "has_screenshot": 1 + }, + "addressed": true, + "has_required_docs": true, + "compliance": { + "advisory": true, + "email": true, + "screenshot": true + } +} +``` + +**Response (Not Found):** +```json +{ + "exists": false, + "message": "CVE not found - not yet addressed" +} +``` + +#### Create CVE +```http +POST /api/cves +Content-Type: application/json +``` + +**Body:** +```json +{ + "cve_id": "CVE-2024-1234", + "vendor": "Microsoft", + "severity": "Critical", + "description": "Remote code execution vulnerability in Windows Server", + "published_date": "2024-01-15" +} +``` + +**Example:** +```bash +curl -X POST http://192.168.2.117:3001/api/cves \ + -H "Content-Type: application/json" \ + -d '{ + 
"cve_id": "CVE-2024-1234", + "vendor": "Microsoft", + "severity": "Critical", + "description": "Remote code execution vulnerability", + "published_date": "2024-01-15" + }' +``` + +**Response:** +```json +{ + "id": 1, + "cve_id": "CVE-2024-1234", + "message": "CVE created successfully" +} +``` + +#### Update CVE Status +```http +PATCH /api/cves/:cveId/status +Content-Type: application/json +``` + +**Body:** +```json +{ + "status": "False Positive Requested" +} +``` + +**Example:** +```bash +curl -X PATCH http://192.168.2.117:3001/api/cves/CVE-2024-1234/status \ + -H "Content-Type: application/json" \ + -d '{"status": "False Positive Requested"}' +``` + +### Document Endpoints + +#### Get Documents for CVE +```http +GET /api/cves/:cveId/documents +``` + +**Example:** +```bash +curl "http://192.168.2.117:3001/api/cves/CVE-2024-1234/documents" +``` + +**Response:** +```json +[ + { + "id": 1, + "cve_id": "CVE-2024-1234", + "name": "MS-Security-Advisory.pdf", + "type": "advisory", + "file_path": "uploads/CVE-2024-1234/Microsoft/1706140800000-MS-Security-Advisory.pdf", + "file_size": "245.50 KB", + "mime_type": "application/pdf", + "uploaded_at": "2024-01-26 10:35:00", + "notes": "Official Microsoft Security Advisory" + } +] +``` + +#### Upload Document +```http +POST /api/cves/:cveId/documents +Content-Type: multipart/form-data +``` + +**Form Fields:** +- `file`: The file to upload +- `cveId`: CVE ID (e.g., CVE-2024-1234) +- `vendor`: Vendor name (e.g., Microsoft) +- `type`: Document type (advisory, email, screenshot, patch, other) +- `notes` (optional): Description + +**Example:** +```bash +curl -X POST http://192.168.2.117:3001/api/cves/CVE-2024-1234/documents \ + -F "file=@/path/to/advisory.pdf" \ + -F "cveId=CVE-2024-1234" \ + -F "vendor=Microsoft" \ + -F "type=advisory" \ + -F "notes=Official security advisory" +``` + +**Response:** +```json +{ + "id": 1, + "message": "Document uploaded successfully", + "file": { + "name": "advisory.pdf", + "path": 
"uploads/CVE-2024-1234/Microsoft/1706140800000-advisory.pdf", + "size": "245.50 KB" + } +} +``` + +#### Delete Document +```http +DELETE /api/documents/:id +``` + +**Example:** +```bash +curl -X DELETE http://192.168.2.117:3001/api/documents/1 +``` + +**Response:** +```json +{ + "message": "Document deleted successfully" +} +``` + +### Utility Endpoints + +#### Get All Vendors +```http +GET /api/vendors +``` + +**Example:** +```bash +curl "http://192.168.2.117:3001/api/vendors" +``` + +**Response:** +```json +["Microsoft", "Cisco", "Oracle", "VMware", "Adobe"] +``` + +#### Get Statistics +```http +GET /api/stats +``` + +**Example:** +```bash +curl "http://192.168.2.117:3001/api/stats" +``` + +**Response:** +```json +{ + "total_cves": 25, + "critical_count": 8, + "addressed_count": 20, + "total_documents": 75, + "compliant_count": 18 +} +``` + +--- + +## πŸ—„οΈ Database Schema + +### Tables + +#### `cves` +Stores CVE metadata and remediation status. + +| Column | Type | Description | +|--------|------|-------------| +| id | INTEGER PRIMARY KEY | Auto-incrementing ID | +| cve_id | VARCHAR(20) UNIQUE | CVE identifier (e.g., CVE-2024-1234) | +| vendor | VARCHAR(100) | Vendor name | +| severity | VARCHAR(20) | Critical, High, Medium, Low | +| description | TEXT | Vulnerability description | +| published_date | DATE | Date CVE was published | +| status | VARCHAR(50) | Open, Addressed, False Positive Requested, Closed | +| created_at | TIMESTAMP | Record creation timestamp | +| updated_at | TIMESTAMP | Last update timestamp | + +**Indexes:** +- `idx_cve_id` on `cve_id` +- `idx_vendor` on `vendor` +- `idx_severity` on `severity` +- `idx_status` on `status` + +#### `documents` +Stores document metadata and file locations. 
+ +| Column | Type | Description | +|--------|------|-------------| +| id | INTEGER PRIMARY KEY | Auto-incrementing ID | +| cve_id | VARCHAR(20) | Foreign key to cves.cve_id | +| name | VARCHAR(255) | Original filename | +| type | VARCHAR(50) | advisory, email, screenshot, patch, other | +| file_path | VARCHAR(500) | Path to file on filesystem | +| file_size | VARCHAR(20) | File size (e.g., "245.50 KB") | +| mime_type | VARCHAR(100) | MIME type (e.g., "application/pdf") | +| uploaded_at | TIMESTAMP | Upload timestamp | +| notes | TEXT | Optional notes or description | + +**Foreign Key:** `cve_id` β†’ `cves(cve_id)` ON DELETE CASCADE + +**Indexes:** +- `idx_doc_cve_id` on `cve_id` +- `idx_doc_type` on `type` + +#### `required_documents` +Defines which document types are mandatory per vendor. + +| Column | Type | Description | +|--------|------|-------------| +| id | INTEGER PRIMARY KEY | Auto-incrementing ID | +| vendor | VARCHAR(100) | Vendor name | +| document_type | VARCHAR(50) | advisory, email, screenshot, etc. | +| is_mandatory | BOOLEAN | 1 = required, 0 = optional | +| description | TEXT | Description of requirement | + +**Default Values:** +```sql +('Microsoft', 'advisory', 1, 'Official Microsoft Security Advisory') +('Cisco', 'advisory', 1, 'Cisco Security Advisory') +('Oracle', 'advisory', 1, 'Oracle Security Alert') +('VMware', 'advisory', 1, 'VMware Security Advisory') +('Adobe', 'advisory', 1, 'Adobe Security Bulletin') +``` + +### Views + +#### `cve_document_status` +Provides real-time compliance status for each CVE. 
+ +**Columns:** +- `cve_id` +- `vendor` +- `severity` +- `status` +- `total_documents` - Count of all documents +- `advisory_count` - Count of advisory documents +- `email_count` - Count of email documents +- `screenshot_count` - Count of screenshot documents +- `compliance_status` - "Complete" or "Missing Required Docs" + +**Example Query:** +```sql +SELECT * FROM cve_document_status +WHERE compliance_status = 'Missing Required Docs'; +``` + +### Database Queries + +**Find all Critical CVEs without required docs:** +```sql +SELECT c.cve_id, c.vendor, c.description, cd.compliance_status +FROM cves c +JOIN cve_document_status cd ON c.cve_id = cd.cve_id +WHERE c.severity = 'Critical' + AND cd.compliance_status = 'Missing Required Docs'; +``` + +**Get document count by type:** +```sql +SELECT type, COUNT(*) as count +FROM documents +GROUP BY type +ORDER BY count DESC; +``` + +**Find CVEs without any documents:** +```sql +SELECT c.cve_id, c.vendor, c.severity +FROM cves c +LEFT JOIN documents d ON c.cve_id = d.cve_id +WHERE d.id IS NULL; +``` + +--- + +## πŸ“ File Organization + +### Directory Structure +``` +cve-dashboard/ +β”œβ”€β”€ backend/ +β”‚ β”œβ”€β”€ server.js # Express API server +β”‚ β”œβ”€β”€ setup.js # Database initialization script +β”‚ β”œβ”€β”€ cve_database.db # SQLite database file +β”‚ β”œβ”€β”€ package.json # Backend dependencies +β”‚ └── backend.log # Backend log file (if using startup script) +β”‚ +β”œβ”€β”€ frontend/ +β”‚ β”œβ”€β”€ public/ +β”‚ β”‚ └── index.html # Main HTML (includes Tailwind CDN) +β”‚ β”œβ”€β”€ src/ +β”‚ β”‚ β”œβ”€β”€ App.js # Main React component +β”‚ β”‚ β”œβ”€β”€ index.js # React entry point +β”‚ β”‚ └── index.css # Global styles +β”‚ β”œβ”€β”€ package.json # Frontend dependencies +β”‚ └── frontend.log # Frontend log file (if using startup script) +β”‚ +β”œβ”€β”€ uploads/ # File storage (auto-created) +β”‚ β”œβ”€β”€ temp/ # Temporary upload directory +β”‚ β”œβ”€β”€ CVE-2024-1234/ +β”‚ β”‚ └── Microsoft/ +β”‚ β”‚ β”œβ”€β”€ 
1706140800000-advisory.pdf +β”‚ β”‚ └── 1706140850000-email.pdf +β”‚ └── CVE-2024-5678/ +β”‚ └── Cisco/ +β”‚ └── 1706140900000-advisory.pdf +β”‚ +β”œβ”€β”€ .gitignore # Git ignore rules +β”œβ”€β”€ README.md # This file +β”œβ”€β”€ start-servers.sh # Startup script +β”œβ”€β”€ stop-servers.sh # Shutdown script +β”œβ”€β”€ backend.pid # Backend process ID (when running) +└── frontend.pid # Frontend process ID (when running) +``` + +### File Naming Convention + +Uploaded files are automatically prefixed with a timestamp: +``` +[unix_timestamp]-[original_filename] + +Example: +1706140800000-MS-Security-Advisory.pdf +``` + +This prevents filename collisions and maintains chronological order. + +### Folder Creation + +Folders are created automatically when: +1. Database is initialized (`uploads/` and `uploads/temp/`) +2. First document is uploaded for a CVE (`uploads/CVE-ID/Vendor/`) + +--- + +## πŸ”§ Troubleshooting + +### Backend Won't Start + +**Error: `Cannot find module 'express'`** +```bash +cd /home/cve-dashboard/backend +npm install +``` + +**Error: `Port 3001 is already in use`** +```bash +# Find process using port 3001 +netstat -tuln | grep 3001 +# or +lsof -i :3001 + +# Kill the process +kill -9 + +# Or change port in server.js +nano server.js +# Change: const PORT = 3002; +``` + +**Error: `Database locked`** +SQLite allows only one write operation at a time. 
+```bash +# Check if multiple instances are running +ps aux | grep "node server.js" + +# Kill duplicate processes +pkill -f "node server.js" + +# Restart +node server.js +``` + +### Frontend Won't Start + +**Error: `Cannot find module 'lucide-react'`** +```bash +cd /home/cve-dashboard/frontend +npm install lucide-react +``` + +**Error: `Port 3000 is already in use`** +```bash +# Kill process on port 3000 +lsof -i :3000 +kill -9 + +# Or set different port +export PORT=3001 +npm start +``` + +**Styling Not Appearing** +Make sure Tailwind CDN is in `public/index.html`: +```html + +``` + +### Upload Issues + +**Error: `Failed to fetch` during upload** + +1. **Check CORS configuration:** +```bash +nano backend/server.js +``` +Ensure CORS allows your frontend origin: +```javascript +app.use(cors({ + origin: ['http://localhost:3000', 'http://192.168.2.117:3000'], + credentials: true +})); +``` + +2. **Check upload directory permissions:** +```bash +chmod -R 755 uploads/ +mkdir -p uploads/temp +``` + +3. **Check backend logs:** +```bash +tail -f backend/backend.log +``` + +**Error: `CVE ID and Vendor are required`** + +This means form data isn't reaching the backend. Check: +1. Frontend is sending `cveId` and `vendor` in FormData +2. Backend multer is parsing multipart form correctly + +**File Size Limit Exceeded** +Default limit is 10MB. 
To increase: +```javascript +// In backend/server.js +const upload = multer({ + storage: storage, + limits: { fileSize: 50 * 1024 * 1024 } // 50MB +}); +``` + +### Database Issues + +**View database contents:** +```bash +cd /home/cve-dashboard/backend +sqlite3 cve_database.db + +# View all CVEs +sqlite> SELECT * FROM cves; + +# View all documents +sqlite> SELECT * FROM documents; + +# Check compliance status +sqlite> SELECT * FROM cve_document_status; + +# Exit +sqlite> .quit +``` + +**Reset database:** +```bash +cd /home/cve-dashboard/backend +rm cve_database.db +node setup.js +``` + +**Backup database:** +```bash +cp backend/cve_database.db backend/cve_database_backup_$(date +%Y%m%d).db +``` + +### API Connection Issues + +**Error: `Failed to fetch` on all requests** + +1. **Verify backend is running:** +```bash +ps aux | grep "node server.js" +curl http://192.168.2.117:3001/api/cves +``` + +2. **Check API_BASE URL in App.js:** +```javascript +const API_BASE = 'http://192.168.2.117:3001/api'; +``` + +3. **Check firewall:** +```bash +# Allow port 3001 +sudo ufw allow 3001 +``` + +4. 
**Test backend directly:** +```bash +curl http://192.168.2.117:3001/api/cves +``` + +### Permission Issues + +**Error: `EACCES: permission denied`** +```bash +# Fix ownership +sudo chown -R $USER:$USER /home/cve-dashboard + +# Fix permissions +chmod -R 755 /home/cve-dashboard +chmod -R 777 /home/cve-dashboard/uploads +``` + +--- + +## πŸ—ΊοΈ Roadmap + +### Version 1.1 (Next Release) +- [ ] **User Authentication**: Login system with user roles +- [ ] **Audit Logging**: Track who added/modified CVEs +- [ ] **Email Notifications**: Alert when new CVEs are added +- [ ] **Export to Excel**: Download CVE list as spreadsheet +- [ ] **Bulk Upload**: Import CVEs from CSV +- [ ] **Advanced Search**: Full-text search across all fields + +### Version 1.2 +- [ ] **Dashboard Analytics**: Charts showing CVE trends by vendor/severity +- [ ] **Automated CVSS Scoring**: Fetch CVSS scores from NVD API +- [ ] **Integration with Vulnerability Scanners**: Import from Nessus, Qualys, etc. +- [ ] **Document Templates**: Pre-filled templates for vendor requests +- [ ] **Mobile App**: React Native mobile version + +### Version 2.0 +- [ ] **PostgreSQL Migration**: Production-ready database +- [ ] **Docker Deployment**: Containerized deployment +- [ ] **SSO Integration**: Charter/Spectrum LDAP/SSO +- [ ] **API Keys**: Secure API access for integrations +- [ ] **Webhook Support**: Notify external systems on CVE updates +- [ ] **Multi-tenancy**: Support multiple business units + +### Proposed Features +- Calendar view for CVE timelines +- Automated false positive workflows +- Integration with JIRA/ServiceNow +- Machine learning for auto-categorization +- PDF report generation +- Compliance reports (SOX, PCI-DSS, HIPAA) + +**Have a feature request?** Open an issue in Gitea or contact the author. + +--- + +## 🀝 Contributing + +This is an internal Charter Communications project. Contributions are welcome from Charter team members. + +### Development Workflow + +1. 
**Clone the repository:** +```bash +git clone https://vulcan.apophisnetworking.net/jramos/cve-dashboard.git +cd cve-dashboard +``` + +2. **Create a feature branch:** +```bash +git checkout -b feature/your-feature-name +``` + +3. **Make your changes and commit:** +```bash +git add . +git commit -m "feat: Add your feature description" +``` + +4. **Push to Gitea:** +```bash +git push origin feature/your-feature-name +``` + +5. **Create a Pull Request** in Gitea + +### Commit Message Convention + +Follow [Conventional Commits](https://www.conventionalcommits.org/): + +- `feat:` New feature +- `fix:` Bug fix +- `docs:` Documentation changes +- `style:` Code style changes (formatting) +- `refactor:` Code refactoring +- `test:` Adding tests +- `chore:` Maintenance tasks + +Examples: +``` +feat: Add bulk CVE import from CSV +fix: Resolve upload timeout issue for large files +docs: Update API documentation with new endpoints +refactor: Improve database query performance +``` + +### Code Style + +**Backend:** +- Use async/await for asynchronous operations +- Error handling with try/catch +- Descriptive variable names +- Comment complex logic + +**Frontend:** +- React functional components with hooks +- Tailwind utility classes for styling +- No inline styles +- Extract reusable components + +### Testing + +Before submitting: +1. Test all CRUD operations +2. Test file upload/download/delete +3. Test Quick Check with various scenarios +4. Test search and filters +5. Verify on clean database + +--- + +## πŸ‘€ Author + +**jramos** +Charter Communications +Vulnerability Management Team + +**Contact:** +- Gitea: [@jramos](https://vulcan.apophisnetworking.net/jramos) +- Email: jramos@charter.com (internal) + +--- + +## πŸ“„ License + +**Internal Use Only** - Charter Communications + +This software is proprietary and confidential. Unauthorized copying, distribution, or use of this software, via any medium, is strictly prohibited. + +Copyright Β© 2024 Charter Communications. 
All rights reserved. + +--- + +## πŸ“Š Project Statistics + +- **Version**: 1.0.0 +- **Released**: January 2024 +- **Lines of Code**: ~1,500 +- **Dependencies**: 12 +- **Supported Browsers**: Chrome, Edge, Firefox, Safari + +--- + +## πŸ™ Acknowledgments + +- Charter Communications Security Team for requirements and testing +- Anthropic Claude AI for development assistance +- Open-source community for dependencies (Express, React, SQLite) + +--- + +## πŸ“š Additional Resources + +### Related Documentation +- [SQLite Documentation](https://www.sqlite.org/docs.html) +- [Express.js Guide](https://expressjs.com/en/guide/routing.html) +- [React Documentation](https://react.dev/) +- [Tailwind CSS](https://tailwindcss.com/docs) +- [CVE Program](https://www.cve.org/) +- [NVD (National Vulnerability Database)](https://nvd.nist.gov/) + +### Internal Resources +- Charter Security Portal: [link] +- Vulnerability Management SOP: [link] +- False Positive Request Process: [link] + +--- + +## πŸ“ Changelog + +### [1.0.0] - 2024-01-26 + +#### Added +- Initial release with core functionality +- CVE management (Create, Read, Update) +- Document upload/view/delete +- Quick CVE status check +- Search and filtering +- SQLite database +- RESTful API +- Charter/Spectrum branding +- Automatic file organization +- Document compliance tracking +- Required document configuration per vendor + +#### Known Issues +- Dynamic hostname detection not working (hardcoded IP as workaround) +- No user authentication (single-user system) +- Export functionality shows alert only (not implemented) + +--- + +**Built with ❀️ for Charter Communications**
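Review bot: The "Permission Issues" troubleshooting step tells operators to run `chmod -R 777 /home/cve-dashboard/uploads`, which makes the directory holding uploaded vendor documents world-writable. The same step already runs `sudo chown -R $USER:$USER /home/cve-dashboard`, so drop the 777 line and keep the directory owned by the account that runs `node server.js`, with 755 as the "Upload Issues" step uses, or tighter. Three related points in this README. First, "Known Issues" states there is no user authentication, yet the API section documents `DELETE /api/documents/:id` and `PATCH /api/cves/:cveId/status` with no credentials, and troubleshooting opens the port with `sudo ufw allow 3001`. The installation section should say the backend must stay on a trusted network, or the firewall rule should be limited by source address, until the authentication planned for 1.1 exists. Second, the upload endpoint takes `cveId` and `vendor` as form fields and files land under `uploads/CVE-ID/Vendor/` with the original filename appended to a timestamp. The README does not say whether those values are validated, so please document the accepted format or confirm that server.js rejects path separators and `..` in all three. Third, the Tailwind snippets in step 6 and under "Styling Not Appearing" are empty `html` blocks, and both `kill -9` lines have no PID argument, so those instructions cannot be followed as written.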