firstgarden/firstgarden-web-gnu
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Activity

KVE-2019-0829 영카트 XSS 취약점 수정

Browse Source
This commit is contained in:
thisgun
2019-05-24 18:40:02 +09:00
parent 6b2e0e9b58
commit a0fa82eabe
10 changed files with 49 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
adm/shop_admin/sendcostupdate.php
View File

@ -18,11 +18,11 @@ if($w == 'd') {
for($i=0; $i<$count; $i++) {
$k = $_POST['chk'][$i];
$sc_id = $_POST['sc_id'][$k];
$sc_id = (int) $_POST['sc_id'][$k];
sql_query(" delete from {$g5['g5_shop_sendcost_table']} where sc_id = '$sc_id' ");
}
} else {
$sc_name = trim($_POST['sc_name']);
$sc_name = trim(strip_tags($_POST['sc_name']));
$sc_zip1 = preg_replace('/[^0-9]/', '', $_POST['sc_zip1']);
$sc_zip2 = preg_replace('/[^0-9]/', '', $_POST['sc_zip2']);
$sc_price = preg_replace('/[^0-9]/', '', $_POST['sc_price']);