Mandriva Linux Security Advisory 2014-104 - eGroupWare before 1.8.007 allows logged in users with administrative privileges to remotely execute arbitrary commands on the server. It is also vulnerable to a cross site request forgery vulnerability that allows creating new administrative users.
163816366349375cb802d0b3bf5aef0485911fb9c176c1929c1d3f52e8c8ef99