Low privileges (auth) Remote Command Execution – PHP file upload bypass.