CVE-2004-2458
Open WebMail 2.30 and earlier is affected. When use_syshomedir is disabled or create_syshomedir is enabled, the application creates new directories before authentication, enabling a remote attacker to create arbitrary directories. This is a client/server vulnerability in Open WebMail’s directory ...