Code execution vulnerabilities in the background

**Describe the bug**
Code execution vulnerabilities in the background

**To Reproduce**
Steps to reproduce the behavior:
1.Log in to the background
2.Go to /acp/acp.php?tn=pages&sub=new#position
3.Click info and enter the malicious php code in the Permalink parameter to jump out of the structure to execute the malicious code
4.Click save
5./content/cache/active_urls.php and /content/cache/cache_lastedit.php files will be inserted with malicious code
6.Visit the homepage and you will see that the malicious code we inserted was successfully executed and returned the result

**Screenshots**

![image](https://user-images.githubusercontent.com/20243850/133060415-53a183f5-3173-4815-8b87-317308c1a749.png)

Click Save New Page

/content/cache/active_urls.php and /content/cache/cache_lastedit.php files will be inserted with malicious code

![image](https://user-images.githubusercontent.com/20243850/133060669-e907e576-2c18-4745-918f-9b3e243017ca.png)

![image](https://user-images.githubusercontent.com/20243850/133060706-0169d048-ee45-4424-bb16-9814311a4200.png)

![image](https://user-images.githubusercontent.com/20243850/133060833-2784a22c-576c-4ced-a96f-36d17594c1bf.png)


**Desktop (please complete the following information):**
 - OS: MacOS
 - Browser All
 - Version Last version

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Code execution vulnerabilities in the background #59

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development