tiki-graph_formula.php in TikiWiki 1.9.8 allows remote attackers to execute arbitrary code via PHP sequences in the f array parameter, which are processed by create_function.
Related bugs and status
CVE-2007-5423 (Candidate)
is related to these bugs: