Possible Security Issue - Command Injection in legacy/restts/getimage.php

In `legacy/restts/getimage.php`, `$_GET['id']` is being passed to a `passthru()` call without being sanitized, this could allow an attacker to execute arbitrary commands on the server. Take a look at [`escapeshellarg()`](http://us1.php.net/manual/en/function.escapeshellarg.php) for a way to help secure this.

See here:

https://github.com/CatchPlus/S4AAAS/blob/master/legacy/restts/getimage.php#L5
