firstgarden/firstgarden-web-gnu
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Activity

그누보드, 영카트 관리자페이지 파일 삭제 취약점 (17-664) 수정

Browse Source
This commit is contained in:
thisgun
2017-09-29 10:36:32 +09:00
parent 0f4ec77ac0
commit 38f1e838a5
1 changed files with 4 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
adm/board_list_update.php
View File

@ -62,7 +62,10 @@ if ($_POST['act_button'] == "선택수정") {
// include 전에 $bo_table 값을 반드시 넘겨야 함 // include 전에 $bo_table 값을 반드시 넘겨야 함
$tmp_bo_table = trim($_POST['board_table'][$k]); $tmp_bo_table = trim($_POST['board_table'][$k]);
include ('./board_delete.inc.php');
if( preg_match("/^[A-Za-z0-9_]+$/", $tmp_bo_table) ){
include ('./board_delete.inc.php');
}
} }