firstgarden/firstgarden-web-gnu
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Activity

KVE-2018-0684 영카트 XSS 취약점 수정

Browse Source
This commit is contained in:
thisgun
2018-09-06 10:44:31 +09:00
parent ddbb2dd4e5
commit d21010276a
11 changed files with 11 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
adm/shop_admin/bannerform.php
View File

@ -74,7 +74,7 @@ include_once (G5_ADMIN_PATH.'/admin.head.php');
<th scope="row"><label for="bn_alt">이미지 설명</label></th> <th scope="row"><label for="bn_alt">이미지 설명</label></th>
<td> <td>
<?php echo help("img 태그의 alt, title 에 해당되는 내용입니다.\n배너에 마우스를 오버하면 이미지의 설명이 나옵니다."); ?> <?php echo help("img 태그의 alt, title 에 해당되는 내용입니다.\n배너에 마우스를 오버하면 이미지의 설명이 나옵니다."); ?>
<input type="text" name="bn_alt" value="<?php echo $bn['bn_alt']; ?>" id="bn_alt" class="frm_input" size="80"> <input type="text" name="bn_alt" value="<?php echo get_text($bn['bn_alt']); ?>" id="bn_alt" class="frm_input" size="80">
</td> </td>
</tr> </tr>
<tr> <tr>

1
adm/shop_admin/bannerformupdate.php
View File

@ -35,6 +35,7 @@ if( $bn_bimg || $bn_bimg_name ){
} }
$bn_url = clean_xss_tags($bn_url); $bn_url = clean_xss_tags($bn_url);
$bn_alt = function_exists('clean_xss_attributes') ? clean_xss_attributes(strip_tags($bn_alt)) : strip_tags($bn_alt);
if ($w=="") if ($w=="")
{ {

2
adm/shop_admin/bannerlist.php
View File

@ -68,7 +68,7 @@ $from_record = ($page - 1) * $rows; // 시작 열을 구함
$bn_img = ""; $bn_img = "";
$bn_img .= '<img src="'.G5_DATA_URL.'/banner/'.$row['bn_id'].'" width="'.$width.'" alt="'.$row['bn_alt'].'">'; $bn_img .= '<img src="'.G5_DATA_URL.'/banner/'.$row['bn_id'].'" width="'.$width.'" alt="'.get_text($row['bn_alt']).'">';
} }
switch($row['bn_device']) { switch($row['bn_device']) {

2
mobile/skin/shop/basic/boxbanner.skin.php
View File

@ -27,7 +27,7 @@ for ($i=0; $row=sql_fetch_array($result); $i++)
else if ($row['bn_url'] && $row['bn_url'] != 'http://') { else if ($row['bn_url'] && $row['bn_url'] != 'http://') {
$banner .= '<a href="'.G5_SHOP_URL.'/bannerhit.php?bn_id='.$row['bn_id'].'&amp;url='.urlencode($row['bn_url']).'"'.$bn_new_win.'>'; $banner .= '<a href="'.G5_SHOP_URL.'/bannerhit.php?bn_id='.$row['bn_id'].'&amp;url='.urlencode($row['bn_url']).'"'.$bn_new_win.'>';
} }
echo $banner.'<img src="'.G5_DATA_URL.'/banner/'.$row['bn_id'].'" alt="'.$row['bn_alt'].'" width="'.$size[0].'" height="'.$size[1].'"'.$bn_border.'>'; echo $banner.'<img src="'.G5_DATA_URL.'/banner/'.$row['bn_id'].'" alt="'.get_text($row['bn_alt']).'" width="'.$size[0].'" height="'.$size[1].'"'.$bn_border.'>';
if($banner) if($banner)
echo '</a>'.PHP_EOL; echo '</a>'.PHP_EOL;
echo '</li>'.PHP_EOL; echo '</li>'.PHP_EOL;

2
mobile/skin/shop/basic/mainbanner.10.skin.php
View File

@ -42,7 +42,7 @@ for ($i=0; $row=sql_fetch_array($result); $i++)
else if ($row['bn_url'] && $row['bn_url'] != 'http://') { else if ($row['bn_url'] && $row['bn_url'] != 'http://') {
$banner .= '<a href="'.G5_SHOP_URL.'/bannerhit.php?bn_id='.$row['bn_id'].'"'.$bn_new_win.'>'; $banner .= '<a href="'.G5_SHOP_URL.'/bannerhit.php?bn_id='.$row['bn_id'].'"'.$bn_new_win.'>';
} }
echo $banner.'<img src="'.G5_DATA_URL.'/banner/'.$row['bn_id'].'" width="'.$size[0].'" alt="'.$row['bn_alt'].'"'.$bn_border.'>'; echo $banner.'<img src="'.G5_DATA_URL.'/banner/'.$row['bn_id'].'" width="'.$size[0].'" alt="'.get_text($row['bn_alt']).'"'.$bn_border.'>';
if($banner) if($banner)
echo '</a>'.PHP_EOL; echo '</a>'.PHP_EOL;
echo '</div>'.PHP_EOL; echo '</div>'.PHP_EOL;

2
skin/shop/basic/boxbanner.skin.php
View File

@ -28,7 +28,7 @@ for ($i=0; $row=sql_fetch_array($result); $i++)
else if ($row['bn_url'] && $row['bn_url'] != 'http://') { else if ($row['bn_url'] && $row['bn_url'] != 'http://') {
$banner .= '<a href="'.G5_SHOP_URL.'/bannerhit.php?bn_id='.$row['bn_id'].'"'.$bn_new_win.'>'; $banner .= '<a href="'.G5_SHOP_URL.'/bannerhit.php?bn_id='.$row['bn_id'].'"'.$bn_new_win.'>';
} }
echo $banner.'<img src="'.G5_DATA_URL.'/banner/'.$row['bn_id'].'" alt="'.$row['bn_alt'].'" width="'.$size[0].'" height="'.$size[1].'"'.$bn_border.'>'; echo $banner.'<img src="'.G5_DATA_URL.'/banner/'.$row['bn_id'].'" alt="'.get_text($row['bn_alt']).'" width="'.$size[0].'" height="'.$size[1].'"'.$bn_border.'>';
if($banner) if($banner)
echo '</a>'.PHP_EOL; echo '</a>'.PHP_EOL;
echo '</li>'.PHP_EOL; echo '</li>'.PHP_EOL;

2
skin/shop/basic/mainbanner.10.skin.php
View File

@ -46,7 +46,7 @@ for ($i=0; $row=sql_fetch_array($result); $i++)
else if ($row['bn_url'] && $row['bn_url'] != 'http://') { else if ($row['bn_url'] && $row['bn_url'] != 'http://') {
$banner .= '<a href="'.G5_SHOP_URL.'/bannerhit.php?bn_id='.$row['bn_id'].'"'.$bn_new_win.'>'; $banner .= '<a href="'.G5_SHOP_URL.'/bannerhit.php?bn_id='.$row['bn_id'].'"'.$bn_new_win.'>';
} }
echo $banner.'<img src="'.G5_DATA_URL.'/banner/'.$row['bn_id'].'" width="'.$size[0].'" alt="'.$row['bn_alt'].'"'.$bn_border.'>'; echo $banner.'<img src="'.G5_DATA_URL.'/banner/'.$row['bn_id'].'" width="'.$size[0].'" alt="'.get_text($row['bn_alt']).'"'.$bn_border.'>';
if($banner) if($banner)
echo '</a>'.PHP_EOL; echo '</a>'.PHP_EOL;
echo '</li>'.PHP_EOL; echo '</li>'.PHP_EOL;

2
theme/basic/mobile/skin/shop/basic/boxbanner.skin.php
View File

@ -27,7 +27,7 @@ for ($i=0; $row=sql_fetch_array($result); $i++)
else if ($row['bn_url'] && $row['bn_url'] != 'http://') { else if ($row['bn_url'] && $row['bn_url'] != 'http://') {
$banner .= '<a href="'.G5_SHOP_URL.'/bannerhit.php?bn_id='.$row['bn_id'].'&amp;url='.urlencode($row['bn_url']).'"'.$bn_new_win.'>'; $banner .= '<a href="'.G5_SHOP_URL.'/bannerhit.php?bn_id='.$row['bn_id'].'&amp;url='.urlencode($row['bn_url']).'"'.$bn_new_win.'>';
} }
echo $banner.'<img src="'.G5_DATA_URL.'/banner/'.$row['bn_id'].'" alt="'.$row['bn_alt'].'" width="'.$size[0].'" height="'.$size[1].'"'.$bn_border.'>'; echo $banner.'<img src="'.G5_DATA_URL.'/banner/'.$row['bn_id'].'" alt="'.get_text($row['bn_alt']).'" width="'.$size[0].'" height="'.$size[1].'"'.$bn_border.'>';
if($banner) if($banner)
echo '</a>'.PHP_EOL; echo '</a>'.PHP_EOL;
echo '</li>'.PHP_EOL; echo '</li>'.PHP_EOL;

2
theme/basic/mobile/skin/shop/basic/mainbanner.10.skin.php
View File

@ -42,7 +42,7 @@ for ($i=0; $row=sql_fetch_array($result); $i++)
else if ($row['bn_url'] && $row['bn_url'] != 'http://') { else if ($row['bn_url'] && $row['bn_url'] != 'http://') {
$banner .= '<a href="'.G5_SHOP_URL.'/bannerhit.php?bn_id='.$row['bn_id'].'"'.$bn_new_win.'>'; $banner .= '<a href="'.G5_SHOP_URL.'/bannerhit.php?bn_id='.$row['bn_id'].'"'.$bn_new_win.'>';
} }
echo $banner.'<img src="'.G5_DATA_URL.'/banner/'.$row['bn_id'].'" width="'.$size[0].'" alt="'.$row['bn_alt'].'"'.$bn_border.'>'; echo $banner.'<img src="'.G5_DATA_URL.'/banner/'.$row['bn_id'].'" width="'.$size[0].'" alt="'.get_text($row['bn_alt']).'"'.$bn_border.'>';
if($banner) if($banner)
echo '</a>'.PHP_EOL; echo '</a>'.PHP_EOL;
echo '</div>'.PHP_EOL; echo '</div>'.PHP_EOL;

2
theme/basic/skin/shop/basic/boxbanner.skin.php
View File

@ -28,7 +28,7 @@ for ($i=0; $row=sql_fetch_array($result); $i++)
else if ($row['bn_url'] && $row['bn_url'] != 'http://') { else if ($row['bn_url'] && $row['bn_url'] != 'http://') {
$banner .= '<a href="'.G5_SHOP_URL.'/bannerhit.php?bn_id='.$row['bn_id'].'"'.$bn_new_win.'>'; $banner .= '<a href="'.G5_SHOP_URL.'/bannerhit.php?bn_id='.$row['bn_id'].'"'.$bn_new_win.'>';
} }
echo $banner.'<img src="'.G5_DATA_URL.'/banner/'.$row['bn_id'].'" alt="'.$row['bn_alt'].'" width="'.$size[0].'" height="'.$size[1].'"'.$bn_border.'>'; echo $banner.'<img src="'.G5_DATA_URL.'/banner/'.$row['bn_id'].'" alt="'.get_text($row['bn_alt']).'" width="'.$size[0].'" height="'.$size[1].'"'.$bn_border.'>';
if($banner) if($banner)
echo '</a>'.PHP_EOL; echo '</a>'.PHP_EOL;
echo '</li>'.PHP_EOL; echo '</li>'.PHP_EOL;

2
theme/basic/skin/shop/basic/mainbanner.10.skin.php
View File

@ -46,7 +46,7 @@ for ($i=0; $row=sql_fetch_array($result); $i++)
else if ($row['bn_url'] && $row['bn_url'] != 'http://') { else if ($row['bn_url'] && $row['bn_url'] != 'http://') {
$banner .= '<a href="'.G5_SHOP_URL.'/bannerhit.php?bn_id='.$row['bn_id'].'"'.$bn_new_win.'>'; $banner .= '<a href="'.G5_SHOP_URL.'/bannerhit.php?bn_id='.$row['bn_id'].'"'.$bn_new_win.'>';
} }
echo $banner.'<img src="'.G5_DATA_URL.'/banner/'.$row['bn_id'].'" width="'.$size[0].'" alt="'.$row['bn_alt'].'"'.$bn_border.'>'; echo $banner.'<img src="'.G5_DATA_URL.'/banner/'.$row['bn_id'].'" width="'.$size[0].'" alt="'.get_text($row['bn_alt']).'"'.$bn_border.'>';
if($banner) if($banner)
echo '</a>'.PHP_EOL; echo '</a>'.PHP_EOL;
echo '</li>'.PHP_EOL; echo '</li>'.PHP_EOL;