Merge branch 'spellin' of https://github.com/h00die/metasploit-framework into spellin

Author: h00die

modules/exploits/multi/http/vtiger_php_exec.rb

@@ -14,7 +14,7 @@ def initialize(info = {})
       'Description' => %q{
       vTiger CRM allows an authenticated user to upload files to embed within documents.
       Due to insufficient privileges on the 'files' upload folder, an attacker can upload a PHP
-      script and execute aribitrary PHP code remotely.
+      script and execute arbitrary PHP code remotely.
 
       This module was tested against vTiger CRM v5.4.0 and v5.3.0.
       },

modules/exploits/multi/misc/legend_bot_exec.rb

@@ -18,7 +18,7 @@ def initialize(info = {})
           UDP flooding, the ability to remove system logs, and ability to gain root, and
           VNC scanning.
 
-          Kevin Stevens, a Senior Threat Researcher at Damballa has uploaded this script
+          Kevin Stevens, a Senior Threat Researcher at Damballa, has uploaded this script
           to VirusTotal with a md5 of 11a9f1589472efa719827079c3d13f76.
         },
       'Author'         =>

modules/exploits/unix/misc/xerox_mfp.rb

@@ -13,7 +13,7 @@ def initialize(info = {})
       'Description'     => %q{
         This module exploits a vulnerability found in Xerox Multifunction Printers (MFP). By
         supplying a modified Dynamic Loadable Module (DLM), it is possible to execute arbitrary
-        commands under root privilages.
+        commands under root privileges.
       },
       'Author'          =>
         [

modules/exploits/unix/webapp/wp_google_document_embedder_exec.rb

@@ -19,7 +19,7 @@ def initialize(info = {})
         blogging software plugin known as Google Document Embedder. The vulnerability allows for
         database credential disclosure via the /libs/pdf.php script. The Google Document Embedder
         plug-in versions 2.4.6 and below are vulnerable. This exploit only works when the MySQL
-        server is exposed on an accessible IP and Wordpress has filesystem write access.
+        server is exposed on an accessible IP and WordPress has filesystem write access.
 
         Please note: The admin password may get changed if the exploit does not run to the end.
       },

modules/exploits/unix/webapp/wp_wptouch_file_upload.rb

@@ -12,14 +12,14 @@ class MetasploitModule < Msf::Exploit::Remote
   def initialize(info = {})
     super(update_info(
       info,
-      'Name'           => 'Wordpress WPTouch Authenticated File Upload',
+      'Name'           => 'WordPress WPTouch Authenticated File Upload',
       'Description'    => %q{
-          The Wordpress WPTouch plugin contains an authenticated file upload
+          The WordPress WPTouch plugin contains an authenticated file upload
           vulnerability. A wp-nonce (CSRF token) is created on the backend index
           page and the same token is used on handling ajax file uploads through
           the plugin. By sending the captured nonce with the upload, we can
           upload arbitrary files to the upload folder. Because the plugin also
-          uses its own file upload mechanism instead of the wordpress api it's
+          uses its own file upload mechanism instead of the WordPress api it's
           possible to upload any file type.
           The user provided does not need special rights, and users with "Contributor"
           role can be abused.