ATutor file_manager Remote Code Execution
Posted on 12 April 2019
This Metasploit module allows the user to run commands on the server with the teacher user privilege. The 'Upload files' section in the 'File Manager' field contains an arbitrary file upload vulnerability.