This Metasploit module exploits a vulnerability in Bludit. A
remote user could abuse the uuid parameter in the image upload
feature in order to save a malicious payload anywhere onto the
server, and then use a custom .htaccess file to bypass the file
extension check to finally get remote code execution.
Read more https://packetstormsecurity.com/files/155295/bludit_upload_images_exec.rb.txt