firstgarden/firstgarden-web-gnu
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Activity

그누보드 SQL Injection 취약점 (18-0075) 수정

Browse Source
This commit is contained in:
thisgun
2018-03-16 16:39:07 +09:00
parent 108651c46d
commit 6c867f02b4
5 changed files with 22 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
bbs/move_update.php
View File

@ -28,7 +28,14 @@ while ($row = sql_fetch_array($result))
$wr_num = $row['wr_num'];
for ($i=0; $i<count($_POST['chk_bo_table']); $i++)
{
$move_bo_table = $_POST['chk_bo_table'][$i];
$move_bo_table = preg_replace('/[^a-z0-9_]/i', '', $_POST['chk_bo_table'][$i]);
// 취약점 18-0075 참고
$sql = "select * from {$g5['board_table']} where bo_table = '".sql_real_escape_string($move_bo_table)."' ";
$move_board = sql_fetch($sql);
// 존재하지 않다면
if( !$move_board['bo_table'] ) continue;
$move_write_table = $g5['write_prefix'] . $move_bo_table;
$src_dir = G5_DATA_PATH.'/file/'.$bo_table; // 원본 디렉토리