It's work ! thanks you verry much !
Warning: This software is vulnerable to arbitrary upload without any credentials or authorization. An attacker only needs to know where mfm.php is to get full filesystem access including read/write files, create directories and delete files/directories. You should not use this without hardening it's security substantially. A proof of concept for uploading files can be found at the pastebin "DdtS1gvK"
There are no 4 star reviews.