KVE-2018-2451, 2452, 2453, 2019-0208 그누보드 다중 취약점 수정

adm/config_form_update.php

@@ -28,6 +28,14 @@ $cf_social_servicelist = !empty($_POST['cf_social_servicelist']) ? implode(',',
 
 $_POST['cf_title'] = strip_tags($_POST['cf_title']);
 
+$check_keys = array('cf_lg_mid', 'cf_lg_mert_key', 'cf_cert_kcb_cd', 'cf_cert_kcp_cd', 'cf_editor', 'cf_recaptcha_site_key', 'cf_recaptcha_secret_key');
+
+foreach( $check_keys as $key ){
+    if ( isset($_POST[$key]) && $_POST[$key] ){
+        $_POST[$key] = preg_replace('/[^a-z0-9_\-]/i', '', $_POST[$key]);
+    }
+}
+
 $sql = " update {$g5['config_table']}
             set cf_title = '{$_POST['cf_title']}',
                 cf_admin = '{$_POST['cf_admin']}',

adm/menu_list_update.php

@@ -23,7 +23,7 @@ for ($i=0; $i<$count; $i++)
 
     $code    = $_POST['code'][$i];
     $me_name = $_POST['me_name'][$i];
-    $me_link = preg_match('/^javascript/i', $_POST['me_link'][$i]) ? G5_URL : strip_tags($_POST['me_link'][$i]);
+    $me_link = (preg_match('/^javascript/i', $_POST['me_link'][$i]) || preg_match('/script:/i', $_POST['me_link'][$i])) ? G5_URL : strip_tags($_POST['me_link'][$i]);
     
     if(!$code || !$me_name || !$me_link)
         continue;

adm/sms_admin/emoticon_move.php

@@ -12,7 +12,7 @@ $g5['title'] = '이모티콘그룹 이동';
 include_once(G5_PATH.'/head.sub.php');
 
 $list = array();    //배열 변수 초기화
-$fo_no_list = isset($_POST['fo_no']) ? implode(',', $_POST['fo_no']) : '';
+$fo_no_list = isset($_POST['fo_no']) ? clean_xss_tags(strip_tags(implode(',', $_POST['fo_no']))) : '';
 
 $sql = " select * from {$g5['sms5_form_group_table']} order by fg_no ";
 $result = sql_query($sql);