This Metasploit module exploits an arbitrary command execution vulnerability in Family Connections 2.7.1. It's in the dev/less.php script and is due to an insecure use of system(). Authentication isn't required to exploit the vulnerability but register_globals must be set to On.
492a4aefa4e8a2833c0cb853cbcf7fa99c103169dba1753b92cc4b086ece66f4