XSS 취약점(16-1007) 수정

2017-01-05 17:56:22 +09:00
parent 27d603a804
commit 340fd32449
10 changed files with 54 additions and 4 deletions
--- a/adm/shop_admin/bannerform.php
+++ b/adm/shop_admin/bannerform.php
@ -4,6 +4,8 @@ include_once('./_common.php');

 auth_check($auth[$sub_menu], "w");

+$bn_id = preg_replace('/[^0-9]/', '', $bn_id);
+
 $html_title = '배너';
 $g5['title'] = $html_title.'관리';