A remote code execution flaw in the open-source Horde Webmail client can allow to take over servers by sending a specially crafted email.