CVE-2007-5682

Name of the Vulnerable Software and Affected Versions TikiWiki versions prior to 1.9.8.2

Description The issue allows remote attackers to execute arbitrary code by utilizing variable functions and variable variables to write variables whose names match the whitelist. This is due to an incomplete blacklist vulnerability in the tiki-graph formula.php file.

Recommendations For versions prior to 1.9.8.2, update to version 1.9.8.2 or later to resolve the issue.