Archive for January, 2011
We are happy to announce the immediate availability of DOCman 1.5.10 and DOCman 1.4.2!
During the recent holidays, a medium level vulnerability was discovered in DOCman. We found a query that wasn’t being properly escaped and could lead to an SQL Injection. There is no known exploit for this vulnerability and it would be very difficult to create one because there are other security measures in place.
At Joomlatools we are fanatic about security and even if DOCman 1.5.9 has recently been released, we recommend upgrading to 1.5.10 just to be on the safe side.
This vulnerability affects all versions of DOCman prior to 1.5.10. So if you’re using 1.5.9 or older, please upgrade to 1.5.10. If you’re using 1.4.1 or older, please upgrade to 1.4.2.
