CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
EPSS
Percentile
99.6%
Incomplete blacklist vulnerability in tiki-graph_formula.php in TikiWiki
before 1.9.8.2 allows remote attackers to execute arbitrary code by using
variable functions and variable variables to write variables whose names
match the whitelist, a different vulnerability than CVE-2007-5423.