Exploit for #VU5939 OS command injection in PHP