I saw an interesting article about PHP file upload security in the devshed PHP forum:
...
[Vulnerable]
Almost any PHP program which provides file upload capability is vulnerable.
The way that PHP handles file uploads makes it simple to trick PHP
applications into working on arbitrary files local to the server rather than
files uploaded by the user. This will generally lead to a remote attacker
being able to read any file on the server that can be read by the user the
web server is running as, typically 'nobody'...
...
Here's the link:
http://www.devshed.com/Talk/Forums/Forum5/HTML/002787.html
alex
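
The check below is an added example, not part of the original post or the linked article: an upload handler that refuses to work on any path PHP did not itself receive through an HTTP POST upload, using PHP's is_uploaded_file() and move_uploaded_file(). The function name accept_upload, the destination directory and the forged sample entry are assumptions made for illustration.

```php
<?php
// Added example; accept_upload() and $destDir are hypothetical names.

/**
 * Move one uploaded file into $destDir and return its new path.
 * $entry is one element of $_FILES, e.g. $_FILES['userfile'].
 * Throws RuntimeException if the entry does not describe a real upload.
 */
function accept_upload(array $entry, string $destDir): string
{
    // PHP reports upload failures in 'error'; anything but UPLOAD_ERR_OK is refused.
    if (!isset($entry['error'], $entry['tmp_name']) || $entry['error'] !== UPLOAD_ERR_OK) {
        throw new RuntimeException('upload missing or failed');
    }

    // The core check: the path must be one PHP created for this request's
    // POST upload, not an arbitrary file that already exists on the server.
    $tmp = $entry['tmp_name'];
    if (!is_string($tmp) || !is_uploaded_file($tmp)) {
        throw new RuntimeException('not an uploaded file');
    }

    // Never reuse the client-supplied name as a path; generate one instead.
    $target = rtrim($destDir, '/') . '/' . bin2hex(random_bytes(16)) . '.upload';

    // move_uploaded_file() repeats the is_uploaded_file() check before moving.
    if (!move_uploaded_file($tmp, $target)) {
        throw new RuntimeException('could not store upload');
    }
    return $target;
}

// Constructed input: shaped like a $_FILES element, but tmp_name points at a
// file that is already on the server (this script) instead of a real upload.
$forged = ['name' => 'report.txt', 'tmp_name' => __FILE__, 'error' => UPLOAD_ERR_OK, 'size' => 1];

try {
    accept_upload($forged, sys_get_temp_dir());
    echo "accepted\n";
} catch (RuntimeException $e) {
    echo "rejected: ", $e->getMessage(), "\n";
}
```

Run from the command line, the forged entry is refused because no file was uploaded in that process; in a web request the same function accepts only files PHP wrote to its upload temp directory for that request.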