Variables containing extra opening square brackets cause PHP to make a malformed $_FILES array? That's really a whopper bug they got there, but in the end it's really just a variant of "web developer believes the Content-Type supplied by the user's browser is correct" in terms of vulnerability. Both the file name and the content type must be considered unchecked user input and have to be sanitized anyway.
