firstgarden/firstgarden-web-gnu
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Activity

[KVE-2019-0688,0689,0691,0694,0708,0709,0750,0762,0791,0802,0846] 그누보드,영카트 다중 취약점 수정

Browse Source
This commit is contained in:
thisgun
2019-05-24 10:44:48 +09:00
parent e234b990ec
commit 18d4a60e03
9 changed files with 54 additions and 24 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
lib/common.lib.php
View File

@ -3416,7 +3416,7 @@ function get_head_title($title){
global $g5;
if( isset($g5['board_title']) && $g5['board_title'] ){
$title = $g5['board_title'];
$title = strip_tags(get_text($g5['board_title']));
}
return $title;
@ -3547,7 +3547,7 @@ function is_include_path_check($path='', $is_input='')
if( preg_match('/\/data\/(file|editor|qa|cache|member|member_image|session|tmp)\/[A-Za-z0-9_]{1,20}\//i', $replace_path) ){
return false;
}
if( preg_match('/\.\.\//i', $replace_path) && preg_match('/plugin\//i', $replace_path) && preg_match('/okname\//i', $replace_path) ){
if( (preg_match('/\.\.\//i', $replace_path) || preg_match('/^\/.*/i', $replace_path)) && preg_match('/plugin\//i', $replace_path) && preg_match('/okname\//i', $replace_path) ){
return false;
}
}