Developing a secure file upload is not an easy task at all. It is full of
pitfalls and tricks. We discuss here some of the scenarios that may happen while
uploading a file to the server.
Read Full Article: PHP Secure File Upload
Arbitrary File Execution Attack is attack that occurs when an attacker is able to request files that normally should not be called alone.
Read full article: Arbitrary File Execution Attack
PHP Code Injection Attack is an attack that allows an attacker to insert
arbitrary code into script execution flow. The attack is usually associated with
the use of dynamic variables in the include() and require() functions without proper validation of the these
variables.
Read More at ULTSEC: PHP Code Injection Attack
