Full title: MoinMoin twikidraw Action Traversal File Upload Vulnerability 
Category: remote exploits
Platform: windows
This Metasploit module exploits a vulnerability in MoinMoin 1.9.5. The vulnerability exists on the manage of the twikidraw actions, where a traversal path can be used in order to upload arbitrary files. Exploitation is achieved on Apached/mod_wsgi configurations by overwriting moin.wsgi, which allows to execute arbitrary python code, as exploited in the wild on July, 2012.

# 0day.today @ http://0day.today/