"ShAnKaR reported that input passed to the "f" array parameter in tiki-graph_formula.php is not properly verified before being used to execute PHP functions.
[...]
An attacker could execute arbitrary code with the rights of the user running the web server by passing a specially crafted parameter string to the tiki-graph_formula.php file."
Adding: www.gentoo. org/security/ en/glsa/ glsa-200710- 21.xml
http://
"ShAnKaR reported that input passed to the "f" array parameter in tiki-graph_ formula. php is not properly verified before being used to execute PHP functions. formula. php file."
[...]
An attacker could execute arbitrary code with the rights of the user running the web server by passing a specially crafted parameter string to the tiki-graph_