fix: [security] Fixed an RCE vulnerability with user controled entrie…

…s being fed to file_exists

- phar protocol paths for php file instructions can lead to RCE via meta-data deserialization
- mitigated by the functionalities enabling this being only accessible to site admins

- Reported by Dawid Czarnecki

app/Model/Server.php

@@ -3076,6 +3076,9 @@ public function beforeHookBinExec($setting, $value)
 
     public function testForBinExec($value)
     {
+        if (substr($value, 0, 7) === "phar://") {
+            return 'Phar protocol not allowed.';
+        }
         $finfo = finfo_open(FILEINFO_MIME_TYPE);
         if ($value === '') {
             return true;
@@ -3094,6 +3097,9 @@ public function testForBinExec($value)
 
     public function testForWritableDir($value)
     {
+        if (substr($value, 0, 7) === "phar://") {
+            return 'Phar protocol not allowed.';
+        }
         if (!is_dir($value)) {
             return 'Not a valid directory.';
         }