Full title: Monstra CMS Authenticated Arbitrary File Upload Exploit 
Category: remote exploits
Platform: php
Monstra CMS 3.0.4 allows users to upload arbitrary files which leads to remote command execution on the remote server. An attacker may choose to upload a file containing PHP code and run this code by accessing the resulting PHP file. This Metasploit module was tested against Monstra CMS 3.0.4.

# 0day.today @ http://0day.today/