shell bypass 403
UnknownSec Shell
:
/
home
/
delvin
/
public_html
/
views
/ [
drwxr-xr-x
]
upload
mass deface
mass delete
console
info server
name :
v_admin_testimony_edit.php
<?php if ($_POST['submitBut'] == 'Edit'){ $Testimonial = new Testimonial; $row = $Testimonial->get($_POST['testID'], '', ''); $testID = $_POST['testID']; $dispName = $row['dispName']; $message = $row['message']; $xPhoto = $row['photo']; $addedTS = $row['addedTS']; $action = 'Edit'; } else if ($_POST['submitBut'] == 'Save'){ // return data from form $testID = $_POST['testID']; $dispName = $_POST['dispName']; $message = $_POST['message']; $xPhoto = $_POST['xPhoto']; $addedTS = $_POST['addedTS']; $action = $_POST['action']; } else { // initialize variables $testID = ''; $dispName = ''; $message = ''; $xPhoto = ''; $addedTS = ''; $action = 'Add'; } echo " <form action='' method='post' enctype='multipart/form-data'> <input type='hidden' name='testID' value='".$testID."'> <input type='hidden' name='xPhoto' value='".$xPhoto."'> <input type='hidden' name='action' value='".$action."'> <div class='col-12'> <div class='col75'> <H1>". $action . " Testimonial</H1> </div> <div class='col25 right'> <input type='submit' name='submitBut' value='Save' class='btn btn_save'> <input type='submit' name='submitBut' value='Cancel' class='btn btn_cancel'> </div> </div> <div class='edit_form_group'>"; if ($testID > 0){ echo " <div class='form_label'>ID#: </div> <div class='form_input'>".$testID."</div> "; } echo " <div class='col-12 bot_line'> <div class='form_label'>Testimonial from</div> <div class='form_input'> <input type='text' name='dispName' value='".$dispName."' size=50 maxlength=50> </div> </div> <div class='col-12 bot_line'> <div class='form_label'>Testimonial content</div> <div class='form_input'><textarea name='message' id='message'>".$message."</textarea></div> </div> <script> CKEDITOR.replace('message'); </script> <div class='col-12 bot_line'> <div class='form_label'>Photo (optional)</div> <div class='form_input'><input type='file' id='photo' name='photo'></div> <div class='form_full_width'>"; if ($xPhoto != ''){ echo "<img src='views/images/testimonials/".$xPhoto."' width=125>".$xPhoto . "<br> <input type='checkbox' name='delPhoto'> Delete Photo"; } echo " </div> </div> </form> </div>";
© 2026 UnknownSec