[KVE-2019-0008, 0014, 0029] 영카트 XSS 및 SQL Injection 취약점 수정
This commit is contained in:
thisgun
@ -320,7 +320,7 @@ else // 장바구니에 담기
|
||||
else if($it['it_sc_type'] > 1 && $it['it_sc_method'] == 1)
|
||||
$ct_send_cost = 1; // 착불
|
||||
|
||||
$io_value = sql_real_escape_string($io_value);
|
||||
$io_value = sql_real_escape_string(strip_tags($io_value));
|
||||
$remote_addr = get_real_client_ip();
|
||||
|
||||
$sql .= $comma."( '$tmp_cart_id', '{$member['mb_id']}', '{$it['it_id']}', '".addslashes($it['it_name'])."', '{$it['it_sc_type']}', '{$it['it_sc_method']}', '{$it['it_sc_price']}', '{$it['it_sc_minimum']}', '{$it['it_sc_qty']}', '쇼핑', '{$it['it_price']}', '$point', '0', '0', '$io_value', '$ct_qty', '{$it['it_notax']}', '$io_id', '$io_type', '$io_price', '".G5_TIME_YMDHIS."', '$remote_addr', '$ct_send_cost', '$sw_direct', '$ct_select', '$ct_select_time' )";
|
||||
|
||||
@ -361,7 +361,7 @@ if($is_kakaopay_use) {
|
||||
$result = sql_query($sql);
|
||||
for($i=0; $row=sql_fetch_array($result); $i++) {
|
||||
$val1 = $row['ad_name'].$sep.$row['ad_tel'].$sep.$row['ad_hp'].$sep.$row['ad_zip1'].$sep.$row['ad_zip2'].$sep.$row['ad_addr1'].$sep.$row['ad_addr2'].$sep.$row['ad_addr3'].$sep.$row['ad_jibeon'].$sep.$row['ad_subject'];
|
||||
$val2 = '<label for="ad_sel_addr_'.($i+1).'">최근배송지('.($row['ad_subject'] ? $row['ad_subject'] : $row['ad_name']).')</label>';
|
||||
$val2 = '<label for="ad_sel_addr_'.($i+1).'">최근배송지('.($row['ad_subject'] ? get_text($row['ad_subject']) : get_text($row['ad_name'])).')</label>';
|
||||
$addr_list .= '<input type="radio" name="ad_sel_addr" value="'.get_text($val1).'" id="ad_sel_addr_'.($i+1).'"> '.PHP_EOL.$val2.PHP_EOL;
|
||||
}
|
||||
|
||||
|
||||
Reference in New Issue
Block a user