From 33ad3784005904848bed2a21ffc609eda34dfffc Mon Sep 17 00:00:00 2001
From: thisgun
Date: Tue, 28 Mar 2017 10:18:02 +0900
Subject: [PATCH] =?UTF-8?q?Reflected=20XSS,=20=EC=9B=90=EA=B2=A9=EC=BD=94?=
=?UTF-8?q?=EB=93=9C=20=EC=B7=A8=EC=95=BD=EC=A0=90=20=EC=88=98=EC=A0=95(17?=
=?UTF-8?q?-0155,=200156,=200157)?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
adm/shop_admin/categoryformupdate.php | 4 ++++
adm/shop_admin/categorylistupdate.php | 4 ++++
mobile/shop/list.php | 2 +-
shop/list.php | 2 +-
4 files changed, 10 insertions(+), 2 deletions(-)
diff --git a/adm/shop_admin/categoryformupdate.php b/adm/shop_admin/categoryformupdate.php
index 4196c5610..d1e994d6d 100644
--- a/adm/shop_admin/categoryformupdate.php
+++ b/adm/shop_admin/categoryformupdate.php
@@ -35,6 +35,10 @@ if ($w == "" || $w == "u")
}
}
+if( $ca_skin && ! is_include_path_check($ca_skin) ){
+ alert('오류 : 데이터폴더가 포함된 path 를 포함할수 없습니다.');
+}
+
$sql_common = " ca_order = '$ca_order',
ca_skin_dir = '$ca_skin_dir',
ca_mobile_skin_dir = '$ca_mobile_skin_dir',
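Review bot: The new guard at the top of the hunk validates only `$ca_skin`, while the same record also stores a mobile skin (`ca_mobile_skin_dir` is written on the last context line here, and `$ca['ca_mobile_skin']` is the value mobile/shop/list.php includes later in this same patch), so a data-folder path supplied through the mobile skin field still reaches the database unchecked. If the mobile value is read into a variable such as `$ca_mobile_skin` above this hunk, mirror the check: `if( $ca_mobile_skin && ! is_include_path_check($ca_mobile_skin) ){ alert('오류 : 데이터폴더가 포함된 path 를 포함할수 없습니다.'); }`. The guard also relies on `alert()` terminating the script, as it appears to do elsewhere in this codebase; if it only emitted the dialog, `$sql_common` would still be built and the update would run with the rejected value. Where `$ca_skin` is assigned lies outside the hunk, so I cannot confirm from here that it is the raw request value rather than an already-normalised copy.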
diff --git a/adm/shop_admin/categorylistupdate.php b/adm/shop_admin/categorylistupdate.php
index 881cc4384..3cb8149ad 100644
--- a/adm/shop_admin/categorylistupdate.php
+++ b/adm/shop_admin/categorylistupdate.php
@@ -17,6 +17,10 @@ for ($i=0; $i등록된 상품이 없습니다.
';
// 리스트 스킨
- $skin_file = $skin_dir.'/'.$ca['ca_mobile_skin'];
+ $skin_file = is_include_path_check($skin_dir.'/'.$ca['ca_mobile_skin']) ? $skin_dir.'/'.$ca['ca_mobile_skin'] : $skin_dir.'/list.10.skin.php';
if (file_exists($skin_file)) {
$sort_skin = $skin_dir.'/list.sort.skin.php';
diff --git a/shop/list.php b/shop/list.php
index a74e652ec..ca2b86f78 100644
--- a/shop/list.php
+++ b/shop/list.php
@@ -90,7 +90,7 @@ var itemlist_ca_id = "";
$error = '등록된 상품이 없습니다.
';
// 리스트 스킨
- $skin_file = $skin_dir.'/'.$ca['ca_skin'];
+ $skin_file = is_include_path_check($skin_dir.'/'.$ca['ca_skin']) ? $skin_dir.'/'.$ca['ca_skin'] : $skin_dir.'/list.10.skin.php';
if (file_exists($skin_file)) {