영카트 다중 취약점( 17-0556 ) 수정

2017-09-06 17:08:05 +09:00
parent d1cf765d9e
commit a431225576
2 changed files with 5 additions and 0 deletions
--- a/adm/shop_admin/bannerformupdate.php
+++ b/adm/shop_admin/bannerformupdate.php
@ -17,6 +17,8 @@ check_admin_token();
 $bn_bimg      = $_FILES['bn_bimg']['tmp_name'];
 $bn_bimg_name = $_FILES['bn_bimg']['name'];

+$bn_id = (int) $bn_id;
+
 if ($bn_bimg_del)  @unlink(G5_DATA_PATH."/banner/$bn_id");

 //파일이 이미지인지 체크합니다.