To whom it may concern:
PHP File-Upload $GLOBALS Overwrite Vulnerability http://www.hardened-php.net/advisory_202005.79.html
$GLOBAL Overwrite and it's Consequences: http://www.hardened-php.net/index.76.html
wikitech-l@lists.wikimedia.org