영카트 Reflected XSS 취약점(17-560) 수정

2017-09-20 20:07:11 +09:00
parent 25d280b06d
commit 6ea332445f
4 changed files with 11 additions and 0 deletions
--- a/adm/shop_admin/sale1today.php
+++ b/adm/shop_admin/sale1today.php
@ -4,6 +4,8 @@ include_once('./_common.php');

 auth_check($auth[$sub_menu], "r");

+$date = preg_replace('/[^0-9]/i', '', $date);
+
 $date = preg_replace("/([0-9]{4})([0-9]{2})([0-9]{2})/", "\\1-\\2-\\3", $date);

 $g5['title'] = "$date 일 매출현황";