CVE-2005-1435
Open WebMail (OWM) before version 2.51 (20050430) is vulnerable to remote command execution when an authenticated user supplies a filename containing shell metacharacters. The root cause is failure to properly remove shell escapes from filenames before processing them, enabling arbitrary command ...