KVE-2018-366, 379, 397 취약점 수정

2018-06-05 11:33:12 +09:00
parent a069ec6c93
commit d7cf0ce39d
6 changed files with 16 additions and 13 deletions
--- a/adm/sms_admin/form_list.php
+++ b/adm/sms_admin/form_list.php
@ -13,6 +13,8 @@ $g5['title'] = "이모티콘 관리";

 if ($page < 1) $page = 1;

+$fg_no = isset($fg_no) ? (int) $fg_no : '';
+
 if (is_numeric($fg_no))
    $sql_group = " and fg_no='$fg_no' ";
 else
--- a/adm/sms_admin/num_book.php
+++ b/adm/sms_admin/num_book.php
@ -14,6 +14,7 @@ $g5['title'] = "휴대폰번호 관리";
 if ($page < 1) $page = 1;

 $bg_no = isset($bg_no) ? (int) $bg_no : 0;
+$st = isset($st) ? preg_replace('/[^a-z0-9]/i', '', $st) : '';

 if (is_numeric($bg_no))
    $sql_group = " and bg_no='$bg_no' ";