Uploading plain text is bad, mhkay?
As a matter of fact, we were able to upload images, text files which extensions have been modified to images, and even plain text files without performing extension editing
The significance of this escapes me.
Yes, it accepts bad input, but what happens next? A badly written parser can be susceptible to buffer overflow attacks and similar, but a file's extension is irrelevant. So, what are the researchers trying to tell us here?