firstgarden/firstgarden-web-gnu
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Activity

그누보드, 영카트 다중 취약점 (18-062, 092, 101, 102) 수정

Browse Source
This commit is contained in:
thisgun
2018-03-12 18:14:19 +09:00
parent 81b39b59c3
commit d7b5c9a4bd
4 changed files with 32 additions and 30 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
adm/sms_admin/emoticon_move.php
View File

@ -11,7 +11,8 @@ auth_check($auth[$sub_menu], "r");
$g5['title'] = '이모티콘그룹 이동';
include_once(G5_PATH.'/head.sub.php');
$fo_no_list = implode(',', $_POST['fo_no']);
$list = array(); //배열 변수 초기화
$fo_no_list = isset($_POST['fo_no']) ? implode(',', $_POST['fo_no']) : '';
$sql = " select * from {$g5['sms5_form_group_table']} order by fg_no ";
$result = sql_query($sql);
@ -27,7 +28,7 @@ for ($i=0; $row=sql_fetch_array($result); $i++)
<form name="fboardmoveall" method="post" action="./emoticon_move_update.php" onsubmit="return fboardmoveall_submit(this);">
<input type="hidden" name="sw" value="<?php echo $sw ?>">
<input type="hidden" name="fo_no_list" value="<?php echo $fo_no_list ?>">
<input type="hidden" name="url" value="<?php echo $_SERVER['HTTP_REFERER'] ?>">
<input type="hidden" name="url" value="<?php echo clean_xss_tags(strip_tags($_SERVER['HTTP_REFERER'])); ?>">
<div class="tbl_head01 tbl_wrap">
<table>