File upload vulnerability
front-end can be uploaded by modifying the code F12 after capture or burp change the suffix name
If you use str_replace php .php will be emptied, this time can be written extension by double bypass
Some bypass method before my article
That is upload-labs
Can be tested by a platform server
File upload vulnerability can use with the file that contains the vulnerability
In particular horse pictures