This module exploits a vulnerability in Squiz Matrix's administration subsystem (example URL: http://squiz.target.local/_admin/). Despite involving a subsystem which *should* be well-protected, it does not require authenticated access to exploit.

This vulnerability is present in Squiz Matrix version 4.6.3, and likely prior versions. See SOS-12-007.