firstgarden/firstgarden-web-gnu
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Activity

[KVE-2019-0335, 0344 다중 취약점] 수정

Browse Source
This commit is contained in:
thisgun
2019-03-06 18:00:32 +09:00
parent 2c61975b49
commit 4227356108
9 changed files with 48 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
bbs/confirm.php
View File

@ -2,9 +2,15 @@
include_once('./_common.php');
include_once(G5_PATH.'/head.sub.php');
$url1 = preg_replace("/[\<\>\'\"\\\'\\\"\(\)]/", "", clean_xss_tags($url1));
$url2 = preg_replace("/[\<\>\'\"\\\'\\\"\(\)]/", "", clean_xss_tags($url2));
$url3 = preg_replace("/[\<\>\'\"\\\'\\\"\(\)]/", "", clean_xss_tags($url3));
$pattern1 = "/[\<\>\'\"\\\'\\\"\(\)]/";
$pattern2 = "/\r\n|\r|\n|[^\x20-\x7e]/";
$url1 = preg_replace($pattern1, "", clean_xss_tags($url1));
$url1 = preg_replace($pattern2, "", $url1);
$url2 = preg_replace($pattern1, "", clean_xss_tags($url2));
$url2 = preg_replace($pattern2, "", $url2);
$url3 = preg_replace($pattern1, "", clean_xss_tags($url3));
$url3 = preg_replace($pattern2, "", $url3);
// url 체크
check_url_host($url1);