firstgarden/firstgarden-web-gnu
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Activity

[KVE-2018-2443] 영카트 SQL Injection 취약점 수정

Browse Source
This commit is contained in:
thisgun
2019-02-13 12:19:19 +09:00
parent f121c8e708
commit b6d9260f3a
3 changed files with 11 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
shop/_common.php
View File

@ -4,6 +4,7 @@ include_once('../common.php');
if (isset($_REQUEST['sort'])) {
$sort = trim($_REQUEST['sort']);
$sort = preg_replace("/[\<\>\'\"\\\'\\\"\%\=\(\)\s]/", "", $sort);
$sort = preg_replace("/(--|#|\/\*|\*\/)/", "", $sort);
} else {
$sort = '';
}