EPSS
Percentile
99.3%
Horde Groupware Webmail is vulnerable to remote code execution. An authenticated remote attacker could execute arbitrary PHP code via the Turba subcomponent.
packetstormsecurity.com/files/152476/Horde-Form-Shell-Upload.html
lists.debian.org/debian-lts-announce/2019/06/msg00007.html
seclists.org/bugtraq/2019/Jun/31
security-tracker.debian.org/tracker/CVE-2019-9858
ssd-disclosure.com/?p=3814&preview=true
www.debian.org/security/2019/dsa-4468