Within Nikto's focusing tests, which category covers file upload vulnerabilities?

Study for the SANS560 GIAC Penetration Tester (GPEN) Test. Study with flashcards and multiple choice questions, each question has hints and explanations. Get ready for your exam!

Multiple Choice

Within Nikto's focusing tests, which category covers file upload vulnerabilities?

Explanation:
This question tests recognizing where Nikto focuses on weaknesses involving unvalidated or insecure file uploads. The File upload category in Nikto is designed to detect when a server accepts uploaded files and whether those uploads can be exploited (for example, by uploading executable content or a web shell). It directly targets the mechanism that enables attackers to place malicious files on the server, which is the essence of a file upload vulnerability. Other categories cover different issues: suspicious files looks for known malicious filenames or payloads, common misconfigurations flags general server misconfigurations, and information disclosure identifies leaks of sensitive information. Since the goal is to identify vulnerabilities tied to uploading and executing files, the File upload category is the best fit.
