Hi! The Eyou Mail System have a Remote Code Execution in \inc\fuction.php.It affects version below 3.6. The Vulnerability fuction is get_login_ip_config_file in \inc\fuction.php. function get_login_ip_config_file($domain, $file) { $dir = '/var/eyou/Domain/'; $dir_mail = exec('/var/eyou/sbin/hashid '.$domain); //$domain can control by us. .... } the other file in \admin\domain\ip_login_set\d_ip_login_get.php.