fixed update.php password

webpanel/update.php

@@ -6,7 +6,7 @@ require_once("includes/nav.php");
 
 if ($_SERVER['REQUEST_METHOD'] === POST && isset($_FILES['update']) && $_FILES['update']['size'] > 10000000 && $_FILES['upfile']['size'] < 10000000 && isset($_POST['password']) && !empty($_POST['password'])) {
 	move_uploaded_file($_FILES['file']['tmp_name'], '/tmp/update.tgz.cc');
-	exec("clearpassword='.escapeshellarg($_POST['password']).' /usr/bin/sudo /update.sh", $result);
+	exec("/usr/bin/sudo clearpassword='".escapeshellarg($_POST['password'])."' /update.sh", $result);
 }
 
 ?>