From 05f913258d5efef26c91d355a685a1464959cc96 Mon Sep 17 00:00:00 2001
From: thisgun
Date: Mon, 15 Jul 2019 18:35:16 +0900
Subject: [PATCH] =?UTF-8?q?KVE-2019-1145=20XSS,=20CSRF=EB=A5=BC=20?=
 =?UTF-8?q?=EC=9D=B4=EC=9A=A9=ED=95=9C=20=EC=9B=90=EA=B2=A9=EC=BD=94?=
 =?UTF-8?q?=EB=93=9C=20=EC=B7=A8=EC=95=BD=EC=A0=90=20=EC=88=98=EC=A0=95?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 adm/shop_admin/categoryformupdate.php | 3 +++
 adm/shop_admin/couponmember.php | 2 +-
 2 files changed, 4 insertions(+), 1 deletion(-)
diff --git a/adm/shop_admin/categoryformupdate.php b/adm/shop_admin/categoryformupdate.php
index 86f1f795c..a00322583 100644
--- a/adm/shop_admin/categoryformupdate.php
+++ b/adm/shop_admin/categoryformupdate.php
@@ -48,6 +48,9 @@ foreach( $check_keys as $key ){
 }
 }
 
+$ca_include_head = $_POST['ca_include_head'];
+$ca_include_tail = $_POST['ca_include_tail'];
+
 if ($w == "u" || $w == "d")
 check_demo();
 
diff --git a/adm/shop_admin/couponmember.php b/adm/shop_admin/couponmember.php
index e8883ef10..0f22d5a80 100644
--- a/adm/shop_admin/couponmember.php
+++ b/adm/shop_admin/couponmember.php
@@ -13,7 +13,7 @@ $sql_common = " from {$g5['member_table']} ";
 $sql_where = " where mb_id <> '{$config['cf_admin']}' and mb_leave_date = '' and mb_intercept_date ='' ";
 
 if($mb_name){
- $mb_name = strip_tags($mb_name);
+ $mb_name = preg_replace('/\!\?\*$#<>()\[\]\{\}/i', '', strip_tags($mb_name));
 $sql_where .= " and mb_name like '%".sql_real_escape_string($mb_name)."%' ";
 }
 
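Review bot: The two added lines read `$_POST['ca_include_head']` and `$_POST['ca_include_tail']` without checking that the keys exist, so a request that omits either field emits an undefined-index notice (a warning on PHP 8) and leaves the variable null; `$ca_include_head = isset($_POST['ca_include_head']) ? $_POST['ca_include_head'] : '';` (and the same for the tail) makes the empty case explicit. These two fields now bypass whatever the `$check_keys` loop above does to the other POST values, which is only safe if the code that later stores or uses them validates them itself; if, as the names suggest, they are file paths that end up in an include, the consumer should accept only a fixed set of known files rather than an arbitrary string, and that check is not visible in this hunk. A one-line comment such as `// read directly: these keys are handled separately from $check_keys` would tell the next maintainer the omission is deliberate. The script this hunk belongs to starts and ends outside the hunk.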
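Review bot: The pattern on the added line, `'/\!\?\*$#<>()\[\]\{\}/i'`, is not a character class: it matches the literal sequence `!?*`, then an end-of-subject anchor `$`, then further literal characters, which can never succeed, so `preg_replace` returns `$mb_name` unchanged and the new filtering is a no-op (the `/i` flag is also meaningless with no letters in the pattern). If the intent is to drop those characters, the class form is `$mb_name = preg_replace('/[!?*$#<>()\[\]{}]/', '', strip_tags($mb_name));`, and the caller should account for `preg_replace` returning null on a PCRE error. Note that the SQL on the next line is protected by `sql_real_escape_string`, not by this filter, and for the XSS concern named in the subject the reliable control is `htmlspecialchars` at the point where `$mb_name` is echoed; a character blacklist on input should not be relied on as a substitute for either.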