Osi Codes · Php Live! · CVE-2006-3911
**Name of the Vulnerable Software and Affected Versions**
OSI Codes PHP Live! versions 3.2.1 and earlier
**Description**
The issue allows remote attackers to execute arbitrary PHP code via a URL in the `css path` parameter in files such as "help.php" and "setup/header.php".
**Recommendations**
For versions 3.2.1 and earlier, consider restricting access to the `css path` parameter in the affected files until a patch is available. As a temporary workaround, avoid using the `css path` parameter in the "help.php" and "setup/header.php" files to minimize the risk of exploitation.