firstgarden/firstgarden-web-gnu
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Activity

KVE-2018-2451, 2452, 2453, 2019-0208 그누보드 다중 취약점 수정

Browse Source
This commit is contained in:
thisgun
2019-01-28 11:11:49 +09:00
parent 31bf6e94ad
commit 40508b05d0
5 changed files with 15 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
adm/config_form_update.php
View File

@ -28,6 +28,14 @@ $cf_social_servicelist = !empty($_POST['cf_social_servicelist']) ? implode(',',
$_POST['cf_title'] = strip_tags($_POST['cf_title']);
$check_keys = array('cf_lg_mid', 'cf_lg_mert_key', 'cf_cert_kcb_cd', 'cf_cert_kcp_cd', 'cf_editor', 'cf_recaptcha_site_key', 'cf_recaptcha_secret_key');
foreach( $check_keys as $key ){
if ( isset($_POST[$key]) && $_POST[$key] ){
$_POST[$key] = preg_replace('/[^a-z0-9_\-]/i', '', $_POST[$key]);
}
}
$sql = " update {$g5['config_table']}
set cf_title = '{$_POST['cf_title']}',
cf_admin = '{$_POST['cf_admin']}',