diff --git a/Upload Insecure Files/README.md b/Upload Insecure Files/README.md
index 7ca53b1..a95dcbb 100644
--- a/Upload Insecure Files/README.md	
+++ b/Upload Insecure Files/README.md	
@@ -22,6 +22,7 @@ Less known extensions
 .phpt
 .pgif
 .phtml
+.phtm
 
 Double extensions
 .jpeg.php
@@ -62,4 +63,4 @@ Touch command
 * Bulletproof Jpegs Generator - Damien "virtualabs" Cauquil
 * [BookFresh Tricky File Upload Bypass to RCE, NOV 29, 2014 - AHMED ABOUL-ELA](https://secgeek.net/bookfresh-vulnerability/)
 * [Encoding Web Shells in PNG IDAT chunks, 04-06-2012, phil](https://www.idontplaydarts.com/2012/06/encoding-web-shells-in-png-idat-chunks/)
-* [La PNG qui se prenait pour du PHP, 23 février 2014](https://phil242.wordpress.com/2014/02/23/la-png-qui-se-prenait-pour-du-php/)
\ No newline at end of file
+* [La PNG qui se prenait pour du PHP, 23 février 2014](https://phil242.wordpress.com/2014/02/23/la-png-qui-se-prenait-pour-du-php/)