This Metasploit module exploits a vulnerability in the TinyMCE/tinybrowser plugin. This plugin is not secured in version 1.5.12 of joomla and allows the upload of files on the remote server. By renaming the uploaded file this vulnerability can be used to upload/execute code on the affected system.
8b2bb800fcad3a5dc196fc3ef9696ddfc8c55e5a5366e716722345f95e11ca4c