HEX
Server: nginx/1.18.0
System: Linux srv01 5.15.0-171-generic #181-Ubuntu SMP Fri Feb 6 22:44:50 UTC 2026 x86_64
User: RaviMohan (1026)
PHP: 7.4.33
Disabled: exec,passthru,shell_exec,system
$ pwd: /opt/mailcow-dockerized-1/data/web/
Upload Files
File: //opt/mailcow-dockerized-1/data/web/reset-password.php
<?php
require_once $_SERVER['DOCUMENT_ROOT'] . '/inc/prerequisites.inc.php';
require_once $_SERVER['DOCUMENT_ROOT'] . '/inc/triggers.user.inc.php';

if (isset($_SESSION['mailcow_cc_role']) && $_SESSION['mailcow_cc_role'] == 'admin') {
  header('Location: /admin/dashboard');
  exit();
}
elseif (isset($_SESSION['mailcow_cc_role']) && $_SESSION['mailcow_cc_role'] == 'domainadmin') {
  header('Location: /domainadmin/mailbox');
  exit();
}
elseif (isset($_SESSION['mailcow_cc_role']) && $_SESSION['mailcow_cc_role'] == 'user') {
  header('Location: /user');
  exit();
}

require_once $_SERVER['DOCUMENT_ROOT'] . '/inc/header.inc.php';
$_SESSION['return_to'] = $_SERVER['REQUEST_URI'];
$_SESSION['index_query_string'] = $_SERVER['QUERY_STRING'];

if (isset($_GET['token'])) $is_reset_token_valid = reset_password("check", $_GET['token']);
else $is_reset_token_valid = False;

$template = 'reset-password.twig';
$template_data = [
  'is_mobileconfig' => str_contains($_SESSION['index_query_string'], 'mobileconfig'),
  'is_reset_token_valid' => $is_reset_token_valid,
  'reset_token' => $_GET['token']
];

require_once $_SERVER['DOCUMENT_ROOT'] . '/inc/footer.inc.php';
@ Telegram