R. Corson · Php Forge · CVE-2006-3917
**Name of the Vulnerable Software and Affected Versions**
R. Corson PHP Forge versions 3 beta 2 and earlier
**Description**
The issue allows remote attackers to execute arbitrary PHP code via a URL in the `cfg racine` parameter in the inc/gabarits.php file.
**Recommendations**
For versions 3 beta 2 and earlier, consider restricting access to the `cfg racine` parameter in the inc/gabarits.php file to minimize the risk of exploitation.