[KVE-2023-0046] 그누보드5(gnuboard5) SQL Injection 취약점

thisgun
2023-01-13 11:00:00 +09:00
parent 9cf8804611
commit 724a4e4bf6
2 changed files with 12 additions and 12 deletions


@ -1,12 +1,12 @@
<?php
include_once('./_common.php');
$type = isset($_REQUEST['type']) ? preg_replace("/[\<\>\'\"\\\'\\\"\%\=\(\)\s]/", "", $_REQUEST['type']) : '';
if ($type == 1) $g5['title'] = '히트상품';
else if ($type == 2) $g5['title'] = '추천상품';
else if ($type == 3) $g5['title'] = '최신상품';
else if ($type == 4) $g5['title'] = '인기상품';
else if ($type == 5) $g5['title'] = '세일상품';
$type = isset($_REQUEST['type']) ? (int) preg_replace("/[^0-9]/", "", $_REQUEST['type']) : 1;
if ($type === 1) $g5['title'] = '히트상품';
else if ($type === 2) $g5['title'] = '추천상품';
else if ($type === 3) $g5['title'] = '최신상품';
else if ($type === 4) $g5['title'] = '인기상품';
else if ($type === 5) $g5['title'] = '세일상품';
else
alert('상품유형이 아닙니다.');
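Review bot: The added `$type` line still repairs the request value instead of validating it: `preg_replace("/[^0-9]/", "", …)` followed by `(int)` turns `a3b` into 3, and an array value (`type[]=…`) is not rejected either, so malformed or probing requests are served as a valid product type rather than reaching the `alert()` branch. Strict validation against the 1–5 range would send every such request to the existing `else`, for example `$type = isset($_REQUEST['type']) ? filter_var($_REQUEST['type'], FILTER_VALIDATE_INT, array('options' => array('min_range' => 1, 'max_range' => 5))) : 1;`. The default also changes from `''` to `1`, so a request without `type` now lists the first product type where it previously hit the alert; a short comment stating that this is intended would help. The query that consumes `$type` lies outside this hunk, so it is worth confirming there that the value is used only as this validated integer.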