nph-maillist.pl allows remote attackers to execute arbitrary commands via shell metacharacters ("`") in the email address.