A web shell is a type of malware that is able to execute arbitrary commands under the context of the web server.
Web shells can be placed manually in web server directories by attackers for persistence, or by leveraging a file upload bug that allows an attacker to upload scripts to a directory the web server is able to serve.