A web shell is malware that is uploaded to a web server, and can provide access to files on the server. Most web shells will also allow you to run OS level commands on the server.
You can do quite a few things with web shells depending on its features. You can access databases, exfiltrate data, you can even delete files on server or upload files.