[KVE-2019-0335, 0344 다중 취약점] 수정

2019-03-06 18:00:32 +09:00
parent 2c61975b49
commit 4227356108
9 changed files with 48 additions and 14 deletions
--- a/plugin/okname/ipin2.php
+++ b/plugin/okname/ipin2.php
@ -1,6 +1,11 @@
 <?php
 include_once('./_common.php');
-include_once('./ipin.config.php');
+
+if( isset($_REQUEST['exe']) && isset($exe) && $exe ){
+    die('bad request');
+}
+
+include('./ipin.config.php');

 //아이핀팝업에서 조회한 PERSONALINFO이다.
@$encPsnlInfo = $_POST["encPsnlInfo"];