firstgarden/firstgarden-web-gnu
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Activity

그누보드5 다중 취약점 수정 adm1nkyj( http://adm1nkyj.kr/ ) 제보

Browse Source
This commit is contained in:
thisgun
2018-10-17 18:01:42 +09:00
parent 784f631896
commit aa7ffdf093
4 changed files with 7 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
bbs/view_image.php
View File

@ -4,8 +4,7 @@ include_once('./_common.php');
$g5['title'] = '이미지 크게보기';
include_once(G5_PATH.'/head.sub.php');
$filename = $_GET['fn'];
$bo_table = $_GET['bo_table'];
$filename = preg_replace('/[^A-Za-z0-9 _ .-]/', '', $_GET['fn']);
if(strpos($filename, 'data/editor')) {
$editor_file = strstr($filename, 'editor');