Skip to content
This repository has been archived by the owner on Jun 24, 2021. It is now read-only.

Commit

Permalink
[KVE-2019-0436 취약점] 수정
Browse files Browse the repository at this point in the history
  • Loading branch information
@thisgun
thisgun committed Mar 19, 2019
1 parent 07993f6 commit 30c9c5a
Showing 1 changed file with 4 additions and 0 deletions.
4 changes: 4 additions & 0 deletions adm/shop_admin/itemformupdate.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -18,6 +18,10 @@
// input vars 체크
check_input_vars();

$ca_id = isset($ca_id) ? preg_replace('/[^0-9a-z]/i', '', $ca_id) : '';
$ca_id2 = isset($ca_id2) ? preg_replace('/[^0-9a-z]/i', '', $ca_id2) : '';
$ca_id3 = isset($ca_id3) ? preg_replace('/[^0-9a-z]/i', '', $ca_id3) : '';

// 파일정보
if($w == "u") {
$sql = " select it_img1, it_img2, it_img3, it_img4, it_img5, it_img6, it_img7, it_img8, it_img9, it_img10
Expand Down

0 comments on commit 30c9c5a

Please sign in to comment.