Shell injection vulnerability

https://github.com/thgh/pilon/blob/master/www/kick.php#L10
https://secure.php.net/manual/en/function.escapeshellarg.php

Also, it's likely one may be able to sabotage your network by injecting parts of iptables rules in multiple exec's with unvalidated user data all over your code.
