KVE-2019-0001, 0002, 0042, 0050 그누보드 다중 취약점 수정

2019-01-28 10:07:29 +09:00
parent f1a69ff7a4
commit 31bf6e94ad
5 changed files with 13 additions and 11 deletions
--- a/adm/sms_admin/_common.php
+++ b/adm/sms_admin/_common.php
@ -13,6 +13,7 @@ if (!strstr($_SERVER['SCRIPT_NAME'], 'install.php')) {
 }

 $sv = isset($_REQUEST['sv']) ? get_search_string($_REQUEST['sv']) : '';
+$st = (isset($_REQUEST['st']) && $st) ? substr(get_search_string($_REQUEST['st']), 0, 12) : '';

 if( isset($token) ){
    $token = @htmlspecialchars(strip_tags($token), ENT_QUOTES);