This Metasploit module triggers an arbitrary shared library load vulnerability in GoAhead web server versions between 2.5 and that have the CGI module enabled.
bee949e92c0ea2f22d837f57390d8e28e16e861007e5e679292d373e6ac8037a
GoAhead http versions 2.5 through 3.6.5 LD_PRELOAD remote code execution exploit.
588a3de898e31090547edf122510407656f35323e24561b2cf63e254b71527ba