NoneKnowofMI6 made the first post
How to detect this flaw?
The classical method (it can work wesh)
The classic method is to simply try to upload a.php file. _. If it passes, the webmaster is a monkey.
The old way.
The server may only check the extension . php, so we can try...