Security update

SA-CONTRIB-2010-017 by iva2k: remove XSS vulnerability in file names

Fixed malicious system command insertion.

Fixed malicious system command insertion.

Correctly advises administrators about the PHP access they are giving to users with "import nodes" permission.

Correctly advises administrators about the PHP access they are giving to users with "import nodes" permission.

Menu Breadcrumb menu title XSS (cross-site scripting) issue on admin page fix