firstgarden/firstgarden-web-gnu
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Activity

그누보드 XSS 취약점 수정

Browse Source
This commit is contained in:
thisgun
2020-02-13 16:24:27 +09:00
parent 3cf0546711
commit 3c0cde3fe2
5 changed files with 8 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
adm/board_form_update.php
View File

@ -80,8 +80,8 @@ $bo_category_list = isset($_POST['bo_category_list']) ? str_replace($src_char, $
//https://github.com/gnuboard/gnuboard5/commit/f5f4925d4eb28ba1af728e1065fc2bdd9ce1da58 에 따른 조치
$str_bo_category_list = preg_replace("/[\<\>\'\"\\\'\\\"\%\=\(\)\/\^\*]/", "", $bo_category_list);
$_POST['bo_subject'] = strip_tags($_POST['bo_subject']);
$_POST['bo_mobile_subject'] = strip_tags($_POST['bo_mobile_subject']);
$_POST['bo_subject'] = strip_tags(clean_xss_attributes($_POST['bo_subject']));
$_POST['bo_mobile_subject'] = strip_tags(clean_xss_attributes($_POST['bo_mobile_subject']));
$sql_common = " gr_id = '{$gr_id}',
bo_subject = '{$_POST['bo_subject']}',

2
adm/board_list_update.php
View File

@ -33,7 +33,7 @@ if ($_POST['act_button'] == "선택수정") {
alert('최고관리자가 아닌 경우 다른 관리자의 게시판('.$board_table[$k].')은 수정이 불가합니다.');
}
$p_bo_subject = is_array($_POST['bo_subject']) ? strip_tags($_POST['bo_subject'][$k]) : '';
$p_bo_subject = is_array($_POST['bo_subject']) ? strip_tags(clean_xss_attributes($_POST['bo_subject'][$k])) : '';
$sql = " update {$g5['board_table']}
set gr_id = '".sql_real_escape_string(strip_tags($_POST['gr_id'][$k]))."',

2
adm/contentformupdate.php
View File

@ -21,7 +21,7 @@ if ($w == "" || $w == "u")
}
$co_id = preg_replace('/[^a-z0-9_]/i', '', $co_id);
$co_subject = strip_tags($co_subject);
$co_subject = strip_tags(clean_xss_attributes($co_subject));
$co_include_head = preg_replace(array("#[\\\]+$#", "#(<\?php|<\?)#i"), "", substr($co_include_head, 0, 255));
$co_include_tail = preg_replace(array("#[\\\]+$#", "#(<\?php|<\?)#i"), "", substr($co_include_tail, 0, 255));
$co_tag_filter_use = isset($_POST['co_tag_filter_use']) ? (int) $_POST['co_tag_filter_use'] : 1;

2
adm/newwinformupdate.php
View File

@ -12,7 +12,7 @@ else
check_admin_token();
$nw_subject = isset($_POST['nw_subject']) ? strip_tags($_POST['nw_subject']) : '';
$nw_subject = isset($_POST['nw_subject']) ? strip_tags(clean_xss_attributes($_POST['nw_subject'])) : '';
$sql_common = " nw_device = '{$_POST['nw_device']}',
nw_begin_time = '{$_POST['nw_begin_time']}',

6
adm/point_update.php
View File

@ -6,9 +6,9 @@ auth_check($auth[$sub_menu], 'w');
check_admin_token();
$mb_id = strip_tags($_POST['mb_id']);
$po_point = strip_tags($_POST['po_point']);
$po_content = strip_tags($_POST['po_content']);
$mb_id = strip_tags(clean_xss_attributes($_POST['mb_id']));
$po_point = strip_tags(clean_xss_attributes($_POST['po_point']));
$po_content = strip_tags(clean_xss_attributes($_POST['po_content']));
$expire = preg_replace('/[^0-9]/', '', $_POST['po_expire_term']);
$mb = get_member($mb_id);