diff --git a/miscellaneous/exposed-file-upload-form.yaml b/miscellaneous/exposed-file-upload-form.yaml
new file mode 100644
index 00000000000..e1bd5c7bec6
--- /dev/null
+++ b/miscellaneous/exposed-file-upload-form.yaml
@@ -0,0 +1,30 @@
+id: exposed-file-upload-form
+
+info:
+ name: Exposed File Upload Form
+ author: geeknik
+ severity: info
+ metadata:
+ verified: true
+ shodan-query: http.html:"multipart/form-data" html:"file"
+ tags: exposure,upload,form
+
+requests:
+ - method: GET
+ path:
+ - "{{BaseURL}}"
+
+ matchers-condition: and
+ matchers:
+ - type: regex
+ regex:
+ -