취약점 수정 Some security vulnerabilities #43

2019-05-29 09:58:04 +09:00
parent 166727879a
commit b1ac49a738
3 changed files with 4 additions and 2 deletions
--- a/bbs/login.php
+++ b/bbs/login.php
@ -8,7 +8,7 @@ if( function_exists('social_check_login_before') ){
 $g5['title'] = '로그인';
 include_once('./_head.sub.php');

-$url = $_GET['url'];
+$url = strip_tags($_GET['url']);

 // url 체크
 check_url_host($url);
--- a/bbs/move_update.php
+++ b/bbs/move_update.php
@ -1,6 +1,8 @@
 <?php
 include_once('./_common.php');

+$act = isset($act) ? strip_tags($act) : '';
+
 // 게시판 관리자 이상 복사, 이동 가능
 if ($is_admin != 'board' && $is_admin != 'group' && $is_admin != 'super')
    alert_close('게시판 관리자 이상 접근이 가능합니다.');
--- a/install/ajax.install.check.php
+++ b/install/ajax.install.check.php
@ -16,7 +16,7 @@ $mysql_host  = safe_install_string_check($_POST['mysql_host'], 'json');
 $mysql_user  = safe_install_string_check($_POST['mysql_user'], 'json');
 $mysql_pass  = safe_install_string_check($_POST['mysql_pass'], 'json');
 $mysql_db    = safe_install_string_check($_POST['mysql_db'], 'json');
-$table_prefix= safe_install_string_check($_POST['table_prefix']);
+$table_prefix= safe_install_string_check(preg_replace('/[^a-zA-Z0-9_]/', '_', $_POST['table_prefix']));

 $tmp_str = isset($_SERVER['SERVER_SOFTWARE']) ? $_SERVER['SERVER_SOFTWARE'] : '';
 $ajax_token = md5($tmp_str.$_SERVER['REMOTE_ADDR'].$_SERVER['DOCUMENT_ROOT']);