given that dompdf was installed in an internet-obtainable directory (and we knew its place because of a leaked logfile), we could navigate for the uploaded `.php` script, providing us code execution over the server. To https://theomeqx865483.wikicommunications.com/user