Security guide for website operators allows remote attackers to execute arbitrary OS commands via specially crafted saved data.