WPMU < 2.9.1 PHP Remote Code Execute 0day Exploit

its a straight forward and easy to use exploit that injects a command shell into wp-config.php Usage Info php exp.php don't forget to add http This is private exploit. You can buy it at https://0day.today...

CVE-2009-1030

Cross-site scripting XSS vulnerability in the chooseprimaryblog function in wp-includes/wpmu-functions.php in WordPress MU WPMU before 2.7 allows remote attackers to inject arbitrary web script or HTML via the HTTP Host header...