[웹드로우] 영카트5 보안업데이트 5.0.39

페이지 정보

조회 2,581회 작성일 2015-06-29 18:50 URL https://webdraw.kr/notice/358

본문

** 수정내역 ** 

 

XSS 및 CSRF 취약점(15-266) 수정 (한국인터넷진흥원 인터넷침해대응본부 방성천님이 알려주셨습니다.) 

 

https://github.com/gnuboard/youngcart5/commit/24910cd3914c05660aa84cfa4310491be1da9dbd 

 

1365f50 CSRF 취약점 수정 

327369a 버전변경 

M      config.php 

c56498a CSRF 취약점 수정 

M      adm/newwinformupdate.php 

M      bbs/poll_etc_update.php 

M      bbs/scrap_popin_update.php 

b4b2bce KG로지스 추가 

M      extend/shop.extend.php 

705a2ea PHP_SELF 를 SCRIPT_NAME 으로 변경 

M      adm/shop_admin/bannerlist.php 

M      adm/shop_admin/categorylist.php 

M      adm/shop_admin/couponlist.php 

M      adm/shop_admin/itemeventlist.php 

M      adm/shop_admin/itemlist.php 

M      adm/shop_admin/itemqalist.php 

M      adm/shop_admin/itemsellrank.php 

M      adm/shop_admin/itemstocklist.php 

M      adm/shop_admin/itemstocksms.php 

M      adm/shop_admin/itemtypelist.php 

M      adm/shop_admin/itemuselist.php 

M      adm/shop_admin/optionstocklist.php 

M      adm/shop_admin/orderlist.php 

M      adm/shop_admin/personalpaylist.php 

M      adm/shop_admin/sendcostlist.php 

M      adm/shop_admin/wishlist.php 

M      lib/shop.lib.php 

M      mobile/shop/event.php 

M      mobile/shop/list.php 

M      mobile/shop/listtype.php 

M      mobile/shop/orderaddress.php 

M      mobile/shop/orderinquiry.php 

M      mobile/shop/personalpay.php 

M      mobile/shop/personalpayformupdate.php 

M      mobile/shop/search.php 

M      mobile/shop/shop.head.php 

M      mobile/shop/shop.tail.php 

M      mobile/skin/shop/basic/itemqalist.skin.php 

M      mobile/skin/shop/basic/itemuselist.skin.php 

M      mobile/skin/shop/basic/list.sort.skin.php 

M      shop/event.php 

M      shop/list.php 

M      shop/listtype.php 

M      shop/orderaddress.php 

M      shop/ordererrormail.php 

M      shop/orderinquiry.php 

M      shop/personalpay.php 

M      shop/personalpayformupdate.php 

M      shop/search.php 

M      shop/settle_kcp_common.php 

M      shop/shop.head.php 

M      shop/shop.tail.php 

M      skin/shop/basic/itemqalist.skin.php 

M      skin/shop/basic/itemuselist.skin.php 

M      skin/shop/basic/list.sort.skin.php 

9b4431f Merge branch 'g5' 

808ac0f PHP_SELF 를 SCRIPT_NAME 으로 변경 

M      adm/admin.lib.php 

M      adm/auth_list.php 

M      adm/board_list.php 

M      adm/boardgroup_list.php 

M      adm/boardgroupmember_list.php 

M      adm/contentlist.php 

M      adm/faqmasterlist.php 

M      adm/index.php 

M      adm/member_list.php 

M      adm/point_list.php 

M      adm/poll_list.php 

M      adm/popular_list.php 

M      adm/popular_rank.php 

M      adm/sms_admin/_common.php 

M      adm/sms_admin/ajax.sms_write_person.php 

M      adm/sms_admin/form_list.php 

M      adm/sms_admin/history_list.php 

M      adm/sms_admin/history_member.php 

M      adm/sms_admin/history_num.php 

M      adm/sms_admin/history_view.php 

M      adm/sms_admin/install.php 

M      adm/sms_admin/num_book.php 

M      adm/sms_admin/sms_write_form.php 

M      adm/visit_list.php 

M      adm/visit_search.php 

M      bbs/search.php 

M      bbs/write.php 

M      lib/common.lib.php 

M      lib/mailer.lib.php 

M      mobile/skin/faq/basic/list.skin.php 

M      mobile/skin/member/basic/point.skin.php 

M      skin/faq/basic/list.skin.php 

M      skin/member/basic/point.skin.php 

9606664 xss 취약점 대응 코드 추가 

M      mobile/skin/shop/basic/itemqalist.skin.php 

M      mobile/skin/shop/basic/itemuselist.skin.php 

M      skin/shop/basic/itemuselist.skin.php 

fc3fd39 XSS 및 CSRF 취약점 수정 

M      adm/shop_admin/index.php 

M      adm/shop_admin/itemqalist.php 

M      adm/shop_admin/itemuselist.php 


MENU