diff --git a/adm/mail_form.php b/adm/mail_form.php
index 547beadf0..a95035be2 100644
--- a/adm/mail_form.php
+++ b/adm/mail_form.php
@@ -10,6 +10,8 @@ $html_title = '회원메일';
 if ($w == 'u') {
 $html_title .= '수정';
 $readonly = ' readonly';
+
+ $ma_id = (int) $ma_id;
 $sql = " select * from {$g5['mail_table']} where ma_id = '{$ma_id}' ";
 $ma = sql_fetch($sql);
diff --git a/adm/mail_update.php b/adm/mail_update.php
index ff539cd55..68c85ae71 100644
--- a/adm/mail_update.php
+++ b/adm/mail_update.php
@@ -9,11 +9,13 @@ auth_check($auth[$sub_menu], 'w');
 check_admin_token();
+$ma_id = isset($_POST['ma_id']) ? (int) $_POST['ma_id'] : 0;
+$ma_subject = isset($_POST['ma_subject']) ? strip_tags($_POST['ma_subject']) : '';
+
 if ($w == '') {
 $sql = " insert {$g5['mail_table']}
- set ma_id = '{$_POST['ma_id']}',
- ma_subject = '{$_POST['ma_subject']}',
+ set ma_subject = '{$ma_subject}',
 ma_content = '{$_POST['ma_content']}',
 ma_time = '".G5_TIME_YMDHIS."',
 ma_ip = '{$_SERVER['REMOTE_ADDR']}' ";
@@ -22,16 +24,16 @@ if ($w == '')
 else if ($w == 'u') {
 $sql = " update {$g5['mail_table']}
- set ma_subject = '{$_POST['ma_subject']}',
+ set ma_subject = '{$ma_subject}',
 ma_content = '{$_POST['ma_content']}',
 ma_time = '".G5_TIME_YMDHIS."',
 ma_ip = '{$_SERVER['REMOTE_ADDR']}'
- where ma_id = '{$_POST['ma_id']}' ";
+ where ma_id = '{$ma_id}' ";
 sql_query($sql);
 }
 else if ($w == 'd') {
- $sql = " delete from {$g5['mail_table']} where ma_id = '{$_POST['ma_id']}' ";
+ $sql = " delete from {$g5['mail_table']} where ma_id = '{$ma_id}' ";
 sql_query($sql);
 }
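Review bot: The `(int)` cast on `$ma_id` is applied only inside the `if ($w == 'u')` branch of mail_form.php, so where `$ma_id` is first read from the request (outside this hunk) and any other use of it in the file still see the raw value; casting at the point of first assignment would cover every use with one line, `$ma_id = isset($ma_id) ? (int) $ma_id : 0;`. After the cast a missing or non-numeric id becomes 0, `sql_fetch` then returns no row, and nothing in the hunk checks `$ma` before the form presumably renders it below; a guard on an empty `$ma` would make that failure explicit rather than producing a blank edit form. The `if` block continues past the last line of the hunk.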
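Review bot: `ma_content` is still interpolated straight from the request into the insert statement (`ma_content = '{$_POST['ma_content']}'`), and the identical line recurs in the update statement of the following hunk, so the change closes the injection path for `ma_id` and `ma_subject` but leaves the third value untouched. `strip_tags()` on `$ma_subject` removes markup for later display but is not SQL escaping; unless the request arrays are escaped earlier in the request pipeline, which this hunk does not show, both string values should pass through the project's SQL escaping helper (the one that accompanies `sql_query`, if it exists) before being placed in the query, e.g. `$ma_content = isset($_POST['ma_content']) ? sql_real_escape_string($_POST['ma_content']) : '';` next to the two new assignments, with the same treatment for `$ma_subject` after `strip_tags`. The `if ($w == '')` block continues past the end of the hunk.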
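Review bot: Neither the update nor the delete branch rejects an id that failed the cast: with the new default a missing or non-numeric `ma_id` becomes 0, and `where ma_id = '0'` is then executed silently instead of the request being reported as invalid. A guard placed before the `$w == 'u'` / `$w == 'd'` branches that stops the request when `$ma_id < 1` would surface the error at the boundary, e.g. `if (($w == 'u' || $w == 'd') && $ma_id < 1) { alert('ma_id is required'); }` using the project's `alert()` helper if that is the established pattern in this directory. The raw `ma_content` interpolation on the update statement is the same issue raised on the previous hunk.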