Dear customers and PHP Melody users. We’ve recently received reports of code vulnerabilities in the latest PHP Melody release. As a result a patch was made available today. The vulnerabilities are of medium to low severity and would require enhanced user permissions (e.g. admin or editor) to be exploited. In short, your PHP Melody website is still “safe”! Nevertheless, […]
Greetings fans of PHP Melody! As more and more people use PHP Melody the better the software gets. Partly due to user feedback and partly due to code reviewers. Over the past few months we’ve received reports on how we can improve and strengthen our code. Several crucial security holes were patched in v2.7 thanks to reports made by such […]
During recent development work we uncovered a security issue within our code base.
This week we received news of a critical vulnerabilities in PHP Melody. Issues include: SQL/code injection, PHPMailer vulnerability (see CVE-2017-5223) and a couple more. To date, PHP Melody has been actively used on more than 29,000 separate websites in the past 9 years. Thankfully, we received no reports of sites being hacked via exploitable code in […]