The following versions of PHPCRM are currently supported with security updates:
| Version | Supported |
|---|---|
| Latest release | β Yes |
| Older releases | β No |
We strongly recommend always using the latest stable version.
We take security seriously and appreciate responsible disclosure.
Instead, report them privately using one of the following methods:
- π§ Email: [email protected]
- π Contact Form: https://www.phpcrm.com/contact
- Description of the vulnerability
- Steps to reproduce
- Affected version(s)
- Proof of concept (if available)
- Your environment (PHP version, server, database)
Once a security report is received:
- We will acknowledge receipt within 48 hours
- The issue will be reviewed and validated
- A fix will be developed and tested
- A security patch will be released
- Credit will be given to the reporter (if requested)
We recommend the following to keep your PHPCRM installation secure:
- Use the latest PHP & MySQL versions
- Keep file permissions properly restricted
- Use strong admin passwords
- Enable HTTPS (SSL)
- Regularly back up your database
- Restrict access to the
/appand configuration files - Keep third-party dependencies updated
PHPCRM relies on trusted third-party libraries.
Any security issues related to dependencies are tracked and resolved as quickly as possible.
Security vulnerabilities are disclosed responsibly and only after a fix is available.
Thank you for helping keep PHPCRM secure π
Your responsible disclosure helps protect the entire community.