Clean up traq_plugin_exec

g0tmi1k · g0tmi1k · commit 5709d49aae05 · 2015-03-20T01:19:46.000Z
diff --git a/modules/exploits/multi/http/traq_plugin_exec.rb b/modules/exploits/multi/http/traq_plugin_exec.rb
@@ -17,12 +17,11 @@ def initialize(info={})
         This module exploits an arbitrary command execution vulnerability in
         Traq 2.0 to 2.3. It's in the admincp/common.php script.
 
-        This function is called in each script located into /admicp/ directory to
+        This function is called in each script located in the /admicp/ directory to
         make sure the user has admin rights, but this is a broken authorization
-        schema due to the header() function doesn't stop the execution flow. This
-        can be exploited by malicious users to execute admin functionality resulting
-        for  e.g.  in execution of arbitrary PHP code leveraging of plugins.php
-        functionality.
+        schema due to the header() function doesn't stop the execution flow.
+        This can be exploited by malicious users to execute admin functionality.
+        e.g. execution of arbitrary PHP code leveraging of plugins.php functionality.
       },
       'License'        => MSF_LICENSE,
       'Author'         =>
