Through access to vulnerability files can get the user name account and password.
But the background presence of the Universal password.
You can get the administrator account and password information, the password is sha1 encrypted.
后台 地址 http://www.xxxx.com/admin.php
Then use the Universal password can smoothly enter.
Vulnerability to prove:
This I would not have said.