php/exec/escapeshellarg in Locutus PHP through 2.0.11 allows an attacker to achieve code execution.