Ecshop后台getshell-2

简要描述： Ecshop后台getshell-2 详细说明： admin/database.php if $REQUEST'act' == 'dumpsql' 省略若干 if empty$REQUEST'sqlfilename' $sqlfilename = $dump-getrandomname; else 省略若干 $sqlfilename = strreplace"0xa", '', trim$REQUEST'sqlfilename'; // 过滤 0xa 非法字符 $pos = strpos$sqlfilename, '.sql'; if $pos !== false...