diff --git a/adm/board_form_update.php b/adm/board_form_update.php
index b5f7364b7..83ff74b52 100644
--- a/adm/board_form_update.php
+++ b/adm/board_form_update.php
@@ -39,14 +39,17 @@ $bo_include_tail = isset($_POST['bo_include_tail']) ? preg_replace(array("#[\\\]
 $check_captcha = false;
 
 // 관리자가 자동등록방지 CAPTCHA를 사용해야 할 경우
-if ($w === 'u') {
-    if (isset($board['bo_include_head'], $board['bo_include_tail']) &&
-        ($board['bo_include_head'] !== $bo_include_head || $board['bo_include_tail'] !== $bo_include_tail)) {
-        $check_captcha = true;
-    }
-} elseif ($w === '') {
-    if ($bo_include_head !== '_head.php' || $bo_include_tail !== '_tail.php') {
-        $check_captcha = true;
+// 최고 관리자인 경우에만 수정가능
+if ($is_admin === 'super') {
+    if ($w === 'u') {
+        if (isset($board['bo_include_head'], $board['bo_include_tail']) &&
+            ($board['bo_include_head'] !== $bo_include_head || $board['bo_include_tail'] !== $bo_include_tail)) {
+            $check_captcha = true;
+        }
+    } elseif ($w === '') {
+        if ($bo_include_head !== '_head.php' || $bo_include_tail !== '_tail.php') {
+            $check_captcha = true;
+        }
     }
 }
 
diff --git a/adm/css/admin.css b/adm/css/admin.css
index 6915f99b3..73a0aca71 100644
--- a/adm/css/admin.css
+++ b/adm/css/admin.css
@@ -587,7 +587,7 @@ td.td_grpset {width:160px;border-left:1px solid #e9ecee;text-align:center}
 .td_time{text-align:center;width:130px}
 .td_center{text-align:center;}
 .td_type{width:120px}
-.td_consent{width:200px}
+.td_consent{min-width:70px;max-width:200px}
 
 .td_mng_s{width:60px}
 .td_mng_m{width:100px}
diff --git a/adm/member_list.php b/adm/member_list.php
index bb3be84c6..afcf45e77 100644
--- a/adm/member_list.php
+++ b/adm/member_list.php
@@ -127,7 +127,7 @@ $colspan = 16;
                     <th scope="col" rowspan="2" id="mb_list_cert"><?php echo subject_sort_link('mb_certify', '', 'desc') ?>본인확인</a></th>
                     <th scope="col" id="mb_list_mailc"><?php echo subject_sort_link('mb_email_certify', '', 'desc') ?>메일인증</a></th>
                     <th scope="col" id="mb_list_open"><?php echo subject_sort_link('mb_open', '', 'desc') ?>정보공개</a></th>
-                    <th scope="col" id="mb_list_mailr"><?php echo subject_sort_link('mb_mailling', '', 'desc') ?>광고성이메일수신</a></th>
+                    <th scope="col" id="mb_list_mailr"><?php echo subject_sort_link('mb_mailling', '', 'desc') ?>광고성이메일</a></th>
                     <th scope="col" id="mb_list_auth">상태</th>
                     <th scope="col" id="mb_list_mobile">휴대폰</th>
                     <th scope="col" id="mb_list_lastcall"><?php echo subject_sort_link('mb_today_login', '', 'desc') ?>최종접속</a></th>
@@ -137,9 +137,9 @@ $colspan = 16;
                 <tr>
                     <th scope="col" id="mb_list_name"><?php echo subject_sort_link('mb_name') ?>이름</a></th>
                     <th scope="col" id="mb_list_nick"><?php echo subject_sort_link('mb_nick') ?>닉네임</a></th>
-                    <th scope="col" id="mb_list_sms"><?php echo subject_sort_link('mb_sms', '', 'desc') ?>광고성SMS/카카오톡수신</a></th>
                     <th scope="col" id="mb_list_adultc"><?php echo subject_sort_link('mb_adult', '', 'desc') ?>성인인증</a></th>
                     <th scope="col" id="mb_list_auth"><?php echo subject_sort_link('mb_intercept_date', '', 'desc') ?>접근차단</a></th>
+                    <th scope="col" id="mb_list_sms"><?php echo subject_sort_link('mb_sms', '', 'desc') ?>광고성SMS</a></th>
                     <th scope="col" id="mb_list_deny"><?php echo subject_sort_link('mb_level', '', 'desc') ?>권한</a></th>
                     <th scope="col" id="mb_list_tel">전화번호</th>
                     <th scope="col" id="mb_list_join"><?php echo subject_sort_link('mb_datetime', '', 'desc') ?>가입일</a></th>
@@ -258,7 +258,7 @@ $colspan = 16;
                             <input type="checkbox" name="mb_open[<?php echo $i; ?>]" <?php echo $row['mb_open'] ? 'checked' : ''; ?> value="1" id="mb_open_<?php echo $i; ?>">
                         </td>
                         <td headers="mb_list_mailr" class="td_consent">
-                            <label for="mb_mailling_<?php echo $i; ?>" class="sound_only">메일수신</label>
+                            <label for="mb_mailling_<?php echo $i; ?>" class="sound_only">광고성이메일수신</label>
                             <input type="checkbox" name="mb_mailling[<?php echo $i; ?>]" <?php echo $row['mb_mailling'] ? 'checked' : ''; ?> value="1" id="mb_mailling_<?php echo $i; ?>">
                             <input type="hidden" name="mb_mailling_default[<?php echo $i; ?>]" value="<?php echo isset($row['mb_mailling']) ? $row['mb_mailling'] : '0'; ?> " id="mb_mailling_default_<?php echo $i; ?>">
                         </td>
@@ -281,12 +281,6 @@ $colspan = 16;
                         <td headers="mb_list_nick" class="td_name sv_use">
                             <div><?php echo $mb_nick ?></div>
                         </td>
-
-                        <td headers="mb_list_sms">
-                            <label for="mb_sms_<?php echo $i; ?>" class="sound_only">SMS수신</label>
-                            <input type="checkbox" name="mb_sms[<?php echo $i; ?>]" <?php echo $row['mb_sms'] ? 'checked' : ''; ?> value="1" id="mb_sms_<?php echo $i; ?>">
-                            <input type="hidden" name="mb_sms_default[<?php echo $i; ?>]" value="<?php echo isset($row['mb_sms']) ? $row['mb_sms'] : '0'; ?> " id="mb_sms_default_<?php echo $i; ?>">
-                        </td>
                         <td headers="mb_list_adultc">
                             <label for="mb_adult_<?php echo $i; ?>" class="sound_only">성인인증</label>
                             <input type="checkbox" name="mb_adult[<?php echo $i; ?>]" <?php echo $row['mb_adult'] ? 'checked' : ''; ?> value="1" id="mb_adult_<?php echo $i; ?>">
@@ -297,6 +291,11 @@ $colspan = 16;
                                 <label for="mb_intercept_date_<?php echo $i; ?>" class="sound_only">접근차단</label>
                             <?php } ?>
                         </td>
+                        <td headers="mb_list_sms">
+                            <label for="mb_sms_<?php echo $i; ?>" class="sound_only">광고성SMS/카카오톡수신</label>
+                            <input type="checkbox" name="mb_sms[<?php echo $i; ?>]" <?php echo $row['mb_sms'] ? 'checked' : ''; ?> value="1" id="mb_sms_<?php echo $i; ?>">
+                            <input type="hidden" name="mb_sms_default[<?php echo $i; ?>]" value="<?php echo isset($row['mb_sms']) ? $row['mb_sms'] : '0'; ?> " id="mb_sms_default_<?php echo $i; ?>">
+                        </td>
                         <td headers="mb_list_auth" class="td_mbstat">
                             <?php echo get_member_level_select("mb_level[$i]", 1, $member['mb_level'], $row['mb_level']) ?>
                         </td>
diff --git a/adm/shop_admin/configformupdate.php b/adm/shop_admin/configformupdate.php
index adfb06ea8..adf10c60c 100644
--- a/adm/shop_admin/configformupdate.php
+++ b/adm/shop_admin/configformupdate.php
@@ -64,6 +64,8 @@ foreach($check_skin_keys as $key){
     if( isset($_POST[$key]) && preg_match('#\.+(\/|\\\)#', $_POST[$key]) ){
         alert('스킨설정에 유효하지 문자가 포함되어 있습니다.');
     }
+    
+    $$key = $_POST[$key] = sql_real_escape_string($_POST[$key]);
 }
 
 // 현금영수증 발급수단
diff --git a/adm/shop_admin/itemeventform.php b/adm/shop_admin/itemeventform.php
index 1ec6b43c9..a12967713 100644
--- a/adm/shop_admin/itemeventform.php
+++ b/adm/shop_admin/itemeventform.php
@@ -67,7 +67,9 @@ for ($i=0; $row=sql_fetch_array($result); $i++)
     for ($i=0; $i<$len; $i++)
         $nbsp .= "&nbsp;&nbsp;&nbsp;";
 
-    $category_select .= "<option value=\"{$row['ca_id']}\">$nbsp{$row['ca_name']}</option>\n";
+    // 전체 카테고리 경로 표시
+    $category_path = function_exists('get_shop_category_path') ? get_shop_category_path($row['ca_id']) : $row['ca_name'];
+    $category_select .= "<option value=\"{$row['ca_id']}\">$nbsp{$category_path}</option>\n";
 }
 
 // 모바일 1줄당 이미지수 필드 추가
diff --git a/adm/shop_admin/itemeventlist.php b/adm/shop_admin/itemeventlist.php
index ce1f81695..a05e56676 100644
--- a/adm/shop_admin/itemeventlist.php
+++ b/adm/shop_admin/itemeventlist.php
@@ -107,7 +107,9 @@ if($ev_id) {
         $len = strlen($row1['ca_id']) / 2 - 1;
         $nbsp = "";
         for ($i=0; $i<$len; $i++) $nbsp .= "&nbsp;&nbsp;&nbsp;";
-        echo '<option value="'.$row1['ca_id'].'" '.get_selected($sel_ca_id, $row1['ca_id']).'>'.$nbsp.$row1['ca_name'].'</option>'.PHP_EOL;
+        // 전체 카테고리 경로 표시
+        $category_path = function_exists('get_shop_category_path') ? get_shop_category_path($row1['ca_id']) : $row1['ca_name'];
+        echo '<option value="'.$row1['ca_id'].'" '.get_selected($sel_ca_id, $row1['ca_id']).'>'.$nbsp.$category_path.'</option>'.PHP_EOL;
     }
     ?>
 </select>
diff --git a/adm/shop_admin/itemform.php b/adm/shop_admin/itemform.php
index 0f6ec2a11..0961a2d0c 100644
--- a/adm/shop_admin/itemform.php
+++ b/adm/shop_admin/itemform.php
@@ -146,9 +146,11 @@ for ($i=0; $row=sql_fetch_array($result); $i++)
     $nbsp = "";
     for ($i=0; $i<$len; $i++)
         $nbsp .= "&nbsp;&nbsp;&nbsp;";
-
-    $category_select .= "<option value=\"{$row['ca_id']}\">$nbsp{$row['ca_name']}</option>\n";
-
+    
+    // 전체 카테고리 경로 표시 (예: 남성의류 > 상의 > 셔츠)
+    $category_path = function_exists('get_shop_category_path') ? get_shop_category_path($row['ca_id']) : $row['ca_name'];
+    $category_select .= "<option value=\"{$row['ca_id']}\">$nbsp{$category_path}</option>\n";
+    
     $script .= "ca_use['{$row['ca_id']}'] = {$row['ca_use']};\n";
     $script .= "ca_stock_qty['{$row['ca_id']}'] = {$row['ca_stock_qty']};\n";
     //$script .= "ca_explan_html['$row[ca_id]'] = $row[ca_explan_html];\n";
@@ -1394,7 +1396,9 @@ $(function(){
                             for ($i=0; $i<$len; $i++)
                                 $nbsp .= "&nbsp;&nbsp;&nbsp;";
 
-                            echo "<option value=\"{$row['ca_id']}\">$nbsp{$row['ca_name']}</option>\n";
+                            // 전체 카테고리 경로 표시
+                            $category_path = function_exists('get_shop_category_path') ? get_shop_category_path($row['ca_id']) : $row['ca_name'];
+                            echo "<option value=\"{$row['ca_id']}\">$nbsp{$category_path}</option>\n";
                         }
                     ?>
                 </select>
diff --git a/adm/shop_admin/itemlist.php b/adm/shop_admin/itemlist.php
index 7556fb408..a0c2e38bc 100644
--- a/adm/shop_admin/itemlist.php
+++ b/adm/shop_admin/itemlist.php
@@ -25,7 +25,8 @@ for ($i=0; $row=sql_fetch_array($result); $i++)
     for ($i=0; $i<$len; $i++) {
         $nbsp .= '&nbsp;&nbsp;&nbsp;';
     }
-    $ca_list .= '<option value="'.$row['ca_id'].'">'.$nbsp.$row['ca_name'].'</option>'.PHP_EOL;
+    $category_path = function_exists('get_shop_category_path') ? get_shop_category_path($row['ca_id']) : $row['ca_name'];
+    $ca_list .= '<option value="'.$row['ca_id'].'">'.$nbsp.$category_path.'</option>'.PHP_EOL;
 }
 
 $where = " and ";
@@ -100,7 +101,9 @@ $listall = '<a href="'.$_SERVER['SCRIPT_NAME'].'" class="ov_listall">전체목
         $len = strlen($row1['ca_id']) / 2 - 1;
         $nbsp = '';
         for ($i=0; $i<$len; $i++) $nbsp .= '&nbsp;&nbsp;&nbsp;';
-        echo '<option value="'.$row1['ca_id'].'" '.get_selected($sca, $row1['ca_id']).'>'.$nbsp.$row1['ca_name'].'</option>'.PHP_EOL;
+        // 전체 카테고리 경로 표시
+        $category_path = function_exists('get_shop_category_path') ? get_shop_category_path($row1['ca_id']) : $row1['ca_name'];
+        echo '<option value="'.$row1['ca_id'].'" '.get_selected($sca, $row1['ca_id']).'>'.$nbsp.$category_path.'</option>'.PHP_EOL;
     }
     ?>
 </select>
diff --git a/adm/shop_admin/itemqalist.php b/adm/shop_admin/itemqalist.php
index f8f79b3da..2230bf5c3 100644
--- a/adm/shop_admin/itemqalist.php
+++ b/adm/shop_admin/itemqalist.php
@@ -79,7 +79,9 @@ $listall = '<a href="'.$_SERVER['SCRIPT_NAME'].'" class="ov_listall">전체목
         $nbsp = "";
         for ($i=0; $i<$len; $i++) $nbsp .= "&nbsp;&nbsp;&nbsp;";
         $selected = ($row1['ca_id'] == $sca) ? ' selected="selected"' : '';
-        echo '<option value="'.$row1['ca_id'].'"'.$selected.'>'.$nbsp.$row1['ca_name'].'</option>'.PHP_EOL;
+        // 전체 카테고리 경로 표시
+        $category_path = function_exists('get_shop_category_path') ? get_shop_category_path($row1['ca_id']) : $row1['ca_name'];
+        echo '<option value="'.$row1['ca_id'].'"'.$selected.'>'.$nbsp.$category_path.'</option>'.PHP_EOL;
     }
     ?>
 </select>
diff --git a/adm/shop_admin/itemsellrank.php b/adm/shop_admin/itemsellrank.php
index b1e387d58..57be153b7 100644
--- a/adm/shop_admin/itemsellrank.php
+++ b/adm/shop_admin/itemsellrank.php
@@ -83,7 +83,9 @@ $listall = '<a href="'.$_SERVER['SCRIPT_NAME'].'" class="ov_listall">전체목
         $len = strlen($row1['ca_id']) / 2 - 1;
         $nbsp = "";
         for ($i=0; $i<$len; $i++) $nbsp .= "&nbsp;&nbsp;&nbsp;";
-        echo '<option value="'.$row1['ca_id'].'" '.get_selected($sel_ca_id, $row1['ca_id']).'>'.$nbsp.$row1['ca_name'].'</option>'.PHP_EOL;
+        // 전체 카테고리 경로 표시
+        $category_path = function_exists('get_shop_category_path') ? get_shop_category_path($row1['ca_id']) : $row1['ca_name'];
+        echo '<option value="'.$row1['ca_id'].'" '.get_selected($sel_ca_id, $row1['ca_id']).'>'.$nbsp.$category_path.'</option>'.PHP_EOL;
     }
     ?>
 </select>
diff --git a/adm/shop_admin/itemstocklist.php b/adm/shop_admin/itemstocklist.php
index c55fddde8..9329dc3c5 100644
--- a/adm/shop_admin/itemstocklist.php
+++ b/adm/shop_admin/itemstocklist.php
@@ -82,7 +82,9 @@ $listall = '<a href="'.$_SERVER['SCRIPT_NAME'].'" class="ov_listall">전체목
         $len = strlen($row1['ca_id']) / 2 - 1;
         $nbsp = "";
         for ($i=0; $i<$len; $i++) $nbsp .= "&nbsp;&nbsp;&nbsp;";
-        echo '<option value="'.$row1['ca_id'].'" '.get_selected($sel_ca_id, $row1['ca_id']).'>'.$nbsp.$row1['ca_name'].'</option>'.PHP_EOL;
+        // 전체 카테고리 경로 표시
+        $category_path = function_exists('get_shop_category_path') ? get_shop_category_path($row1['ca_id']) : $row1['ca_name'];
+        echo '<option value="'.$row1['ca_id'].'" '.get_selected($sel_ca_id, $row1['ca_id']).'>'.$nbsp.$category_path.'</option>'.PHP_EOL;
     }
     ?>
 </select>
diff --git a/adm/shop_admin/itemtypelist.php b/adm/shop_admin/itemtypelist.php
index a7b175b37..0587363fb 100644
--- a/adm/shop_admin/itemtypelist.php
+++ b/adm/shop_admin/itemtypelist.php
@@ -98,7 +98,9 @@ $listall = '<a href="'.$_SERVER['SCRIPT_NAME'].'" class="ov_listall">전체목
         $len = strlen($row1['ca_id']) / 2 - 1;
         $nbsp = "";
         for ($i=0; $i<$len; $i++) $nbsp .= "&nbsp;&nbsp;&nbsp;";
-        echo '<option value="'.$row1['ca_id'].'" '.get_selected($sca, $row1['ca_id']).'>'.$nbsp.$row1['ca_name'].PHP_EOL;
+        // 전체 카테고리 경로 표시
+        $category_path = function_exists('get_shop_category_path') ? get_shop_category_path($row1['ca_id']) : $row1['ca_name'];
+        echo '<option value="'.$row1['ca_id'].'" '.get_selected($sca, $row1['ca_id']).'>'.$nbsp.$category_path.PHP_EOL;
     }
     ?>
 </select>
diff --git a/adm/shop_admin/itemuselist.php b/adm/shop_admin/itemuselist.php
index cbd5e40a0..aa4ffadf9 100644
--- a/adm/shop_admin/itemuselist.php
+++ b/adm/shop_admin/itemuselist.php
@@ -81,7 +81,9 @@ $listall = '<a href="'.$_SERVER['SCRIPT_NAME'].'" class="ov_listall">전체목
         $nbsp = "";
         for ($i=0; $i<$len; $i++) $nbsp .= "&nbsp;&nbsp;&nbsp;";
         $selected = ($row1['ca_id'] == $sca) ? ' selected="selected"' : '';
-        echo '<option value="'.$row1['ca_id'].'"'.$selected.'>'.$nbsp.$row1['ca_name'].'</option>'.PHP_EOL;
+        // 전체 카테고리 경로 표시
+        $category_path = function_exists('get_shop_category_path') ? get_shop_category_path($row1['ca_id']) : $row1['ca_name'];
+        echo '<option value="'.$row1['ca_id'].'"'.$selected.'>'.$nbsp.$category_path.PHP_EOL;
     }
     ?>
 </select>
diff --git a/adm/shop_admin/optionstocklist.php b/adm/shop_admin/optionstocklist.php
index fe035f6c3..814688d3a 100644
--- a/adm/shop_admin/optionstocklist.php
+++ b/adm/shop_admin/optionstocklist.php
@@ -84,7 +84,9 @@ $listall = '<a href="'.$_SERVER['SCRIPT_NAME'].'" class="ov_listall">전체목
         $len = strlen($row1['ca_id']) / 2 - 1;
         $nbsp = "";
         for ($i=0; $i<$len; $i++) $nbsp .= "&nbsp;&nbsp;&nbsp;";
-        echo '<option value="'.$row1['ca_id'].'" '.get_selected($sel_ca_id, $row1['ca_id']).'>'.$nbsp.$row1['ca_name'].'</option>'.PHP_EOL;
+        // 전체 카테고리 경로 표시
+        $category_path = function_exists('get_shop_category_path') ? get_shop_category_path($row1['ca_id']) : $row1['ca_name'];
+        echo '<option value="'.$row1['ca_id'].'" '.get_selected($sel_ca_id, $row1['ca_id']).'>'.$nbsp.$category_path.'</option>'.PHP_EOL;
     }
     ?>
 </select>
diff --git a/adm/shop_admin/wishlist.php b/adm/shop_admin/wishlist.php
index b54e3bb8c..f0f543daa 100644
--- a/adm/shop_admin/wishlist.php
+++ b/adm/shop_admin/wishlist.php
@@ -71,7 +71,9 @@ $listall = '<a href="'.$_SERVER['SCRIPT_NAME'].'" class="ov_listall">전체목
         $len = strlen($row1['ca_id']) / 2 - 1;
         $nbsp = "";
         for ($i=0; $i<$len; $i++) $nbsp .= "&nbsp;&nbsp;&nbsp;";
-        echo "<option value='{$row1['ca_id']}'".get_selected($row1['ca_id'], $sel_ca_id).">$nbsp{$row1['ca_name']}\n";
+        // 전체 카테고리 경로 표시
+        $category_path = function_exists('get_shop_category_path') ? get_shop_category_path($row1['ca_id']) : $row1['ca_name'];
+        echo "<option value='{$row1['ca_id']}'".get_selected($row1['ca_id'], $sel_ca_id).">$nbsp{$category_path}\n";
     }
     ?>
 </select>
diff --git a/bbs/formmail_send.php b/bbs/formmail_send.php
index 76fab9eea..635f4aca6 100644
--- a/bbs/formmail_send.php
+++ b/bbs/formmail_send.php
@@ -40,6 +40,12 @@ if ($type) {
 else
     $mail_content = $content;
 
+// 환경설정에서 폼메일 사용 여부가 회원만 사용에 체크되어 있으면
+if ($config['cf_formmail_is_member']) {
+    $fnick = (isset($member['mb_nick']) && $member['mb_nick']) ? $member['mb_nick'] : $member['mb_name'];
+    $fmail = $member['mb_email'];
+}
+
 mailer($fnick, $fmail, $to, $subject, $mail_content, $type, $file);
 
 // 임시 첨부파일 삭제
diff --git a/bbs/write.php b/bbs/write.php
index 2192934ca..e9371cbef 100644
--- a/bbs/write.php
+++ b/bbs/write.php
@@ -346,8 +346,10 @@ if ($w == '') {
     }
 
     for($i=0;$i<$file_count;$i++){
-        if(! isset($file[$i])) {
+        if (!isset($file[$i])) {
             $file[$i] = array('file'=>null, 'source'=>null, 'size'=>null, 'bf_content' => null);
+        } else {
+            $file[$i]['bf_content'] = isset($file[$i]['bf_content']) ? htmlspecialchars($file[$i]['bf_content'], ENT_QUOTES, 'UTF-8', false) : null;
         }
     }
 
diff --git a/config.php b/config.php
index b636b0338..17f40a0a5 100644
--- a/config.php
+++ b/config.php
@@ -173,7 +173,7 @@ define('G5_DIR_PERMISSION',  0755); // 디렉토리 생성시 퍼미션
 define('G5_FILE_PERMISSION', 0644); // 파일 생성시 퍼미션
 
 // 모바일 인지 결정 $_SERVER['HTTP_USER_AGENT']
-define('G5_MOBILE_AGENT',   'phone|samsung|lgtel|mobile|[^A]skt|nokia|blackberry|BB10|android|sony');
+define('G5_MOBILE_AGENT',   'phone|samsung.*mobile|lgtel|mobile|[^A]skt|nokia|blackberry|BB10|android|sony');
 
 // SMTP
 // lib/mailer.lib.php 에서 사용
diff --git a/install/install_db.php b/install/install_db.php
index f2cba5b4c..7a143b5a6 100644
--- a/install/install_db.php
+++ b/install/install_db.php
@@ -158,7 +158,7 @@ if ($g5_install || $is_install === false) {
                     cf_theme = 'basic',
                     cf_admin = '$admin_id',
                     cf_admin_email = '$admin_email',
-                    cf_admin_email_name = '".G5_VERSION."',
+                    cf_admin_email_name = '".G5_VERSION.'_'.substr(base_convert(mt_rand(), 10, 36), 0, 6)."',
                     cf_use_point = '1',
                     cf_use_copy_log = '1',
                     cf_login_point = '100',
diff --git a/lib/common.lib.php b/lib/common.lib.php
index e5b436715..fd55ae585 100644
--- a/lib/common.lib.php
+++ b/lib/common.lib.php
@@ -3951,10 +3951,16 @@ class str_encrypt
 
     function __construct($salt='')
     {
-        if(!$salt)
-            $this->salt = md5(preg_replace('/[^0-9A-Za-z]/', substr(G5_MYSQL_USER, -1), $_SERVER['SERVER_SOFTWARE'].$_SERVER['DOCUMENT_ROOT']));
-        else
+        global $config;
+        
+        if (!$salt) {
+            $config_hash = md5(serialize(array($config['cf_title'], $config['cf_theme'], $config['cf_admin_email_name'], $config['cf_login_point'], $config['cf_memo_send_point'])));
+            
+            //$this->salt = md5(preg_replace('/[^0-9A-Za-z]/', substr($config_hash, -1), $_SERVER['SERVER_SOFTWARE'].$config_hash.$_SERVER['DOCUMENT_ROOT']));
+            $this->salt = hash('sha256', preg_replace('/[^0-9A-Za-z]/', substr($config_hash, -1), $_SERVER['SERVER_SOFTWARE'].$config_hash.$_SERVER['DOCUMENT_ROOT']));
+        } else {
             $this->salt = $salt;
+        }
 
         $this->length = strlen($this->salt);
     }
diff --git a/lib/shop.lib.php b/lib/shop.lib.php
index 6a9693298..130b077d8 100644
--- a/lib/shop.lib.php
+++ b/lib/shop.lib.php
@@ -2461,7 +2461,7 @@ function get_itemuselist_thumbnail($it_id, $contents, $thumb_width, $thumb_heigh
 }
 
 function shop_is_taxsave($od, $is_view_receipt=false){
-	global $default, $is_memeber;
+	global $default, $is_member;
 
 	$od_pay_type = '';
 
@@ -2770,6 +2770,50 @@ function get_item_images_info($it, $size=array(), $image_width=0, $image_height=
     return $images; 
 }
 
+// 카테고리 전체 경로를 가져오는 함수 (예: 남성의류 > 상의 > 셔츠)
+function get_shop_category_path($ca_id, $separator = ' &gt; ')
+{
+    global $g5;
+    static $category_cache = array(); // 카테고리명 캐시
+    static $path_cache = array();     // 경로 캐시
+
+    if (!$ca_id) return '';
+
+    // 동일한 separator로 이미 조회한 경로가 있으면 캐시에서 반환
+    $cache_key = $ca_id . '|' . $separator;
+    if (isset($path_cache[$cache_key])) {
+        return $path_cache[$cache_key];
+    }
+
+    $path_arr = array();
+    $ca_id_len = strlen($ca_id);
+
+    // 카테고리 ID를 2자리씩 분할하여 각 단계의 카테고리명을 조회
+    for ($i = 2; $i <= $ca_id_len; $i += 2) {
+        $current_ca_id = substr($ca_id, 0, $i);
+
+        // 캐시에 없으면 DB 조회
+        if (!isset($category_cache[$current_ca_id])) {
+            $sql = " select ca_name from {$g5['g5_shop_category_table']} where ca_id = '$current_ca_id' ";
+            $row = sql_fetch($sql);
+            if ($row) {
+                $category_cache[$current_ca_id] = $row['ca_name'];
+            } else {
+                $category_cache[$current_ca_id] = '';
+            }
+        }
+
+        if ($category_cache[$current_ca_id]) {
+            $path_arr[] = $category_cache[$current_ca_id];
+        }
+    }
+
+    $result = implode($separator, $path_arr);
+    $path_cache[$cache_key] = $result; // 결과를 캐시에 저장
+
+    return $result;
+}
+
 function check_payment_method($od_settle_case) {
     global $default;
 
diff --git a/lib/thumbnail.lib.php b/lib/thumbnail.lib.php
index 3b473895c..f8646131b 100644
--- a/lib/thumbnail.lib.php
+++ b/lib/thumbnail.lib.php
@@ -275,11 +275,10 @@ function thumbnail($filename, $source_path, $target_path, $thumb_width, $thumb_h
     $thumb_filename = preg_replace("/\.[^\.]+$/i", "", $filename); // 확장자제거
     // $thumb_file = "$target_path/thumb-{$thumb_filename}_{$thumb_width}x{$thumb_height}.".$ext[$size[2]];
     $thumb_file = "$target_path/thumb-{$thumb_filename}_{$thumb_width}x{$thumb_height}.".$file_ext;
-    
-    $thumb_time = @filemtime($thumb_file);
-    $source_time = @filemtime($source_file);
 
     if (file_exists($thumb_file)) {
+        $thumb_time = @filemtime($thumb_file);
+        $source_time = @filemtime($source_file);
         if ($is_create == false && $source_time < $thumb_time) {
             return basename($thumb_file);
         }
diff --git a/mobile/shop/orderform.sub.php b/mobile/shop/orderform.sub.php
index 05a2ee8e8..ca2fd5688 100644
--- a/mobile/shop/orderform.sub.php
+++ b/mobile/shop/orderform.sub.php
@@ -1499,8 +1499,8 @@ function pay_approval()
                 break;
         }
         f.method.value = pay_method;
-        f.orderId.value = '<?=$od_id?>';
-        f.orderName.value = '<?=$goods?>';
+        f.orderId.value = "<?php echo $od_id; ?>";
+        f.orderName.value = "<?php echo $goods; ?>";
 
         f.customerName.value = pf.od_name.value;
         f.customerEmail.value = pf.od_email.value;
@@ -1523,6 +1523,10 @@ function pay_approval()
 
         f.amountCurrency.value = 'KRW';
         f.amountValue.value = f.good_mny.value;
+        if (pf && pf.amountValue) {
+            pf.amountValue.value = f.good_mny.value;
+        }
+        
         <?php if($default['de_tax_flag_use']) { ?>
         f.taxFreeAmount.value = pf.comm_free_mny.value;
         <?php } ?>
diff --git a/mobile/shop/personalpayformupdate.php b/mobile/shop/personalpayformupdate.php
index c0da09f7b..fda4492e8 100644
--- a/mobile/shop/personalpayformupdate.php
+++ b/mobile/shop/personalpayformupdate.php
@@ -183,7 +183,7 @@ if((int)$pp['pp_price'] !== (int)$pg_price) {
             include G5_SHOP_PATH.'/lg/xpay_cancel.php';
             break;
         case 'toss':
-            include G5_SHOP_PATH.'/toss/toss_result.php';
+            include G5_SHOP_PATH.'/toss/toss_cancel.php';
             break;
         case 'inicis':
             include G5_SHOP_PATH.'/inicis/inipay_cancel.php';
@@ -271,7 +271,7 @@ if($pp_receipt_price > 0 && $pp['pp_id'] && $pp['od_id']) {
                 include G5_SHOP_PATH.'/lg/xpay_cancel.php';
                 break;
             case 'toss':
-                include G5_SHOP_PATH.'/toss/toss_result.php';
+                include G5_SHOP_PATH.'/toss/toss_cancel.php';
                 break;
             case 'inicis':
                 include G5_SHOP_PATH.'/inicis/inipay_cancel.php';
diff --git a/mobile/shop/toss/toss_approval.php b/mobile/shop/toss/toss_approval.php
index 84963ab91..5d7db7042 100644
--- a/mobile/shop/toss/toss_approval.php
+++ b/mobile/shop/toss/toss_approval.php
@@ -90,7 +90,7 @@ foreach($payReqMap as $key => $value) {
 * 수정불가.
 */
 const clientKey = "<?php echo $config['cf_toss_client_key']; ?>";
-const customerKey = "<?php echo isset($member['mb_id']) ? $member['mb_id'] : ''; ?>";
+const customerKey = "<?php echo $is_member ? $member['mb_id'] : md5(get_session('ss_order_id')); ?>";
 const tossPayments = TossPayments(clientKey);
 
 const payment = tossPayments.payment({ customerKey });
diff --git a/shop/naverpay/naverpay_order.php b/shop/naverpay/naverpay_order.php
index 7d98b317a..840b493fb 100644
--- a/shop/naverpay/naverpay_order.php
+++ b/shop/naverpay/naverpay_order.php
@@ -3,6 +3,8 @@ include_once('./_common.php');
 include_once(G5_SHOP_PATH.'/settle_naverpay.inc.php');
 include_once(G5_LIB_PATH.'/naverpay.lib.php');
 
+if (!(defined('G5_SHOP_USE_NAVERPAY') && G5_SHOP_USE_NAVERPAY)) return;
+
 $pattern = '#[/\'\"%=*\#\(\)\|\+\&\!\$~\{\}\[\]`;:\?\^\,]#';
 $post_naverpay_form = isset($_POST['naverpay_form']) ? clean_xss_tags($_POST['naverpay_form']) : '';
 
@@ -98,7 +100,8 @@ for($i=0; $i<$count; $i++) {
     $opt_count = (isset($_POST['io_id'][$it_id]) && is_array($_POST['io_id'][$it_id])) ? count($_POST['io_id'][$it_id]) : 0;
     
     if( ! $it_id) continue;
-
+    if (!preg_match('/^[a-zA-Z0-9_-]+$/', $it_id)) continue;
+    
     if($opt_count && $_POST['io_type'][$it_id][0] != 0)
         return_error2json('상품의 선택옵션을 선택해 주십시오.');
 
diff --git a/shop/naverpay/naverpay_wish.php b/shop/naverpay/naverpay_wish.php
index 9e62bf486..6ccd3c34a 100644
--- a/shop/naverpay/naverpay_wish.php
+++ b/shop/naverpay/naverpay_wish.php
@@ -3,6 +3,8 @@ include_once('./_common.php');
 include_once(G5_SHOP_PATH.'/settle_naverpay.inc.php');
 include_once(G5_LIB_PATH.'/naverpay.lib.php');
 
+if (!(defined('G5_SHOP_USE_NAVERPAY') && G5_SHOP_USE_NAVERPAY)) return;
+
 $count = (isset($_POST['it_id']) && is_array($_POST['it_id'])) ? count($_POST['it_id']) : 0;
 
 if ($count < 1)
@@ -13,6 +15,8 @@ $item  = '';
 
 for($i=0; $i<$count; $i++) {
     $it_id = isset($_POST['it_id']) ? $_POST['it_id'][$i] : '';
+    
+    if (!preg_match('/^[a-zA-Z0-9_-]+$/', $it_id)) continue;
 
     // 상품정보
     $it = get_shop_item($it_id, true);
diff --git a/shop/orderinquiryview.php b/shop/orderinquiryview.php
index bba85f21f..9388041e2 100644
--- a/shop/orderinquiryview.php
+++ b/shop/orderinquiryview.php
@@ -410,13 +410,13 @@ if($od['od_pg'] == 'lg') {
                 // 현금영수증 발급을 사용하는 경우에만
                 if ((function_exists('shop_is_taxsave') && shop_is_taxsave($od)) || (function_exists('is_order_cashreceipt') && is_order_cashreceipt($od))) {
                     // 미수금이 없고 현금일 경우에만 현금영수증을 발급 할 수 있습니다.
-                    if ($misu_price == 0 && is_order_cashreceipt($od)) {
+                    if ($misu_price == 0) {
                 ?>
                 <tr>
                     <th scope="row">현금영수증</th>
                     <td>
                     <?php
-                    if ($od['od_cash'])
+                    if ($od['od_cash'] && is_order_cashreceipt($od))
                     {
                         if($od['od_pg'] == 'lg') {
                             require_once G5_SHOP_PATH.'/settle_lg.inc.php';
diff --git a/shop/settle_naverpay.inc.php b/shop/settle_naverpay.inc.php
index 93c4b501b..808d8e393 100644
--- a/shop/settle_naverpay.inc.php
+++ b/shop/settle_naverpay.inc.php
@@ -15,6 +15,8 @@ if(basename($_SERVER['SCRIPT_NAME']) == 'item.php') {
         return;
 }
 
+define('G5_SHOP_USE_NAVERPAY', 1);
+
 $naverpay_button_js = '';
 
 $is_mobile_order = is_mobile();
diff --git a/shop/toss/orderform.1.php b/shop/toss/orderform.1.php
index bf1727e89..509be6904 100644
--- a/shop/toss/orderform.1.php
+++ b/shop/toss/orderform.1.php
@@ -13,7 +13,7 @@ if($default['de_iche_use'] || $default['de_vbank_use'] || $default['de_hp_use']
 * 수정불가.
 */
 const clientKey = "<?php echo $config['cf_toss_client_key']; ?>";
-const customerKey = "<?php echo isset($member['mb_id']) ? $member['mb_id'] : ''; ?>";
+const customerKey = "<?php echo $is_member ? $member['mb_id'] : md5(get_session('ss_order_id')); ?>";
 const tossPayments = TossPayments(clientKey);
 
 const payment = tossPayments.payment({ customerKey });
diff --git a/shop/toss/toss_result.php b/shop/toss/toss_result.php
index 6e86aa212..e22bcf64d 100644
--- a/shop/toss/toss_result.php
+++ b/shop/toss/toss_result.php
@@ -16,9 +16,9 @@ $row = sql_fetch($sql);
 
 $data = isset($row['dt_data']) ? unserialize(base64_decode($row['dt_data'])) : array();
 
-$amount = isset($data['amountValue']) ? $data['amountValue'] : 0;
+$amount = isset($data['amountValue']) ? (int)$data['amountValue'] : 0;
 
-if ($amount <= 0) {
+if ($amount <= 0 || $amount !== (int)$order_price) {
     alert('결제금액이 올바르지 않습니다.', G5_SHOP_URL);
 }
 
diff --git a/theme/basic/shop/orderinquiryview.php b/theme/basic/shop/orderinquiryview.php
index 868f81771..6297329a2 100644
--- a/theme/basic/shop/orderinquiryview.php
+++ b/theme/basic/shop/orderinquiryview.php
@@ -536,13 +536,13 @@ if($od['od_pg'] == 'lg') {
                 // 현금영수증 발급을 사용하는 경우 또는 현금영수증 발급을 한 주문건이면
 	            if ((function_exists('shop_is_taxsave') && shop_is_taxsave($od)) || (function_exists('is_order_cashreceipt') && is_order_cashreceipt($od))) {
 	                // 미수금이 없고 현금일 경우에만 현금영수증을 발급 할 수 있습니다.
-	                if ($misu_price == 0 && is_order_cashreceipt($od)) {
+	                if ($misu_price == 0) {
 	            ?>
 	            <li>
 	                <strong class="letter-2px">현금영수증</strong>
 	                <span>
 	                <?php
-	                if ($od['od_cash'])
+	                if ($od['od_cash'] && is_order_cashreceipt($od))
 	                {
 	                    if($od['od_pg'] == 'lg') {
 	                        require_once G5_SHOP_PATH.'/settle_lg.inc.php';
diff --git a/version.php b/version.php
index 5ccc21669..f23064575 100644
--- a/version.php
+++ b/version.php
@@ -2,7 +2,7 @@
 if (!defined('_GNUBOARD_')) exit; // 개별 페이지 접근 불가
 
 define('G5_VERSION', '그누보드5');
-define('G5_GNUBOARD_VER', '5.6.23');
+define('G5_GNUBOARD_VER', '5.6.24');
 // 그누보드5.4.5.5 버전과 영카트5.4.5.5.1 버전을 합쳐서 그누보드5.4.6 버전에서 시작함 (kagla-210617)
 // G5_YOUNGCART_VER 이 상수를 사용하는 곳이 있으므로 주석 처리 해제함
 // 그누보드5.4.6 이상 버전 부터는 영카트를 그누보드에 포함하여 배포하므로 영카트5의 버전은 의미가 없습니다.