by Yuniar Setiawan

MachForm 25 Released. Security Update.

MachForm 25 is now available for download on Account Area. This release brings important security updates and bug fixes. We STRONGLY encourage you to update your MachForm immediately.

Security Updates

  • SQL Injections. We have addressed a potential vulnerability that could allow multiple SQL injections attack on the admin backend side.

Technical Details

The technical details of these vulnerabilities will be published later in the CVE database. We will update this post with the corresponding CVE IDs once they are available.

(Update – 17 April 2025) : While awaiting the publication of the CVE details, information about the vulnerabilities can be found on the DSECBYPASS website.

Acknowledgments

We would like to extend our gratitude to Vladimir TOUTAIN from DSECBYPASS for his diligence and expertise in identifying these vulnerabilities.

PHP & MySQL Version Requirement

MachForm v25 requires the minimum version of PHP on your server to be at least PHP 7.4 and MySQL version at least MySQL 5.7. If you’re still using an older version, you’ll need to upgrade your PHP and/or MySQL version first.

How to Update

This update is FREE for all users with an active support contract.
As mentioned above, you can download it in the Account Area.

Follow this upgrade instruction:
Upgrading MachForm Self-Hosted 

in News 0 comments

You may also like

MachForm 24 Released. PHP 8.4 Compatibility.

MachForm 23 Released. Key Updates in Maintenance and Security.

MachForm 21 Released. PHP 8.3 Compatibility.