firstgarden/firstgarden-web-gnu
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Activity

KVE-2018-0300,0331,0356,0358,0370 취약점 수정

Browse Source
This commit is contained in:
thisgun
2018-05-21 20:32:09 +09:00
parent c0fcd3a1ed
commit 980e65361c
4 changed files with 9 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
adm/faqform.php
View File

@ -5,6 +5,9 @@ include_once(G5_EDITOR_LIB);
auth_check($auth[$sub_menu], "w");
$fm_id = (int) $fm_id;
$fa_id = isset($fa_id) ? (int) $fa_id : 0;
$sql = " select * from {$g5['faq_master_table']} where fm_id = '$fm_id' ";
$fm = sql_fetch($sql);

4
adm/sms_admin/form_multi_update.php
View File

@ -4,7 +4,7 @@ include_once("./_common.php");
auth_check($auth[$sub_menu], "w");
check_token();
check_admin_token();
if($atype == "del"){
$count = count($_POST['fo_no']);
@ -14,7 +14,7 @@ if($atype == "del"){
for ($i=0; $i<$count; $i++)
{
// 실제 번호를 넘김
$fo_no = $_POST['fo_no'][$i];
$fo_no = (int) $_POST['fo_no'][$i];
if (!trim($fo_no)) continue;
$res = sql_fetch("select * from {$g5['sms5_form_table']} where fo_no='$fo_no'");

2
adm/sms_admin/num_book.php
View File

@ -13,6 +13,8 @@ $g5['title'] = "휴대폰번호 관리";
if ($page < 1) $page = 1;
$bg_no = isset($bg_no) ? (int) $bg_no : 0;
if (is_numeric($bg_no))
$sql_group = " and bg_no='$bg_no' ";
else

4
lib/common.lib.php
View File

@ -3438,7 +3438,7 @@ function is_include_path_check($path='', $is_input='')
if( $path ){
if ($is_input){
if( strpos($path, 'php://') !== false || strpos($path, 'zlib://') !== false || strpos($path, 'bzip2://') !== false || strpos($path, 'zip://') !== false ){
if( stripos($path, 'php://') !== false || stripos($path, 'zlib://') !== false || stripos($path, 'bzip2://') !== false || stripos($path, 'zip://') !== false || stripos($path, 'data:text/') !== false || stripos($path, 'data://') !== false ){
return false;
}
@ -3485,7 +3485,7 @@ function is_include_path_check($path='', $is_input='')
$extension = pathinfo($path, PATHINFO_EXTENSION);
if($extension && preg_match('/(jpg|jpeg|png|gif|bmp|conf)$/', $extension)) {
if($extension && preg_match('/(jpg|jpeg|png|gif|bmp|conf)$/i', $extension)) {
return false;
}
}