firstgarden/firstgarden-web-gnu
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Activity

영카트 원격 코드 실행 취약점 수정(2017-1050)

Browse Source
This commit is contained in:
thisgun
2018-03-15 14:20:06 +09:00
parent 7017ee2dc2
commit 91a3ca9f8a
5 changed files with 10 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
shop/itemuseformupdate.php
View File

@ -8,6 +8,7 @@ if (!$is_member) {
$it_id = trim($_REQUEST['it_id']);
$is_subject = trim($_POST['is_subject']);
$is_content = trim($_POST['is_content']);
$is_content = preg_replace('#<script(.*?)>(.*?)</script>#is', '', $is_content);
$is_name = trim($_POST['is_name']);
$is_password = trim($_POST['is_password']);
$is_score = (int)$_POST['is_score'] > 5 ? 0 : (int)$_POST['is_score'];