This is a filter bypass exploit that results in arbitrary file upload and remote code execution in class.upload.php <= 2.0.4 - View it on GitHub