This Metasploit module exploits a command injection vulnerability in Xplico. Unauthenticated users can register a new account and then execute a terminal command under the context of the root user.
651a38434d2ab0908b45d4a1f3933f9debbdefd5170e43cc8c63abccb34a9de0