Roundcube PHP Arbitrary Code Injection

Public Release Date of POC: 2008-12-22 Author: Jacobo Avariento Gimeno (Sofistic) CVE id: CVE-2008-5619 Bugtraq id: 32799 Severity: Critical Vulnerability reported by: RealMurphy Intro —- Roundcube Webmail is a browser-based IMAP client that uses “chuggnutt.com HTML to Plain Text Conversion” library to convert HTML text to plain text, this library uses the preg_replace PHP function […]