TikiWiki 1.9.8.1 fixes a broken white-list check (CVE-2007-5423) that is supposed to protect against arbitrary PHP code injection in a call to create_function(). When Stefan analyzed the bugfix, we discovered that while the reported bug in the white-list check is now repaired, it is still possible to execute arbitrary PHP code using only the strings allowed in the white-list.

http://www.securiteam.com/unixfocus/6M0020AKBQ.html