VAMCart-InternetShop 0.9 File Upload Code Execution
https://packetstormsecurity.com/files/113111/vamcart09_rce.rb.txt
https://packetstormsecurity.com/files/113111/vamcart09_rce.rb.txthttps://packetstormsecurity.com/files/113111/VAMCart-InternetShop-0.9-File-Upload-Code-Execution.htmlTue, 29 May 2012 23:34:44 GMTThis Metasploit module exploits a vulnerability in the TinyMCE/tinybrowser plugin. This plugin is not secured in version 0.9 of VAMCart and allows the upload of files on the remote server. By renaming the uploaded file this vulnerability can be used to upload/execute code on the affected system.