XSS 취약점(16-1007) 수정

2017-01-05 17:56:22 +09:00
parent 27d603a804
commit 340fd32449
10 changed files with 54 additions and 4 deletions
--- a/adm/shop_admin/itemeventform.php
+++ b/adm/shop_admin/itemeventform.php
@ -5,6 +5,8 @@ include_once(G5_EDITOR_LIB);

 auth_check($auth[$sub_menu], "w");

+$ev_id = preg_replace('/[^0-9]/', '', $ev_id);
+
 $html_title = "이벤트";
 $g5['title'] = $html_title.' 관리';