[웹드로우] 영카트5 보안업데이트 5.1.7

페이지 정보

조회 1,712회 작성일 2015-11-25 16:44 URL https://webdraw.kr/notice/405

본문

** 수정내역 ** 

 

CSRF 취약점을 수정했습니다. (한국인터넷진흥원을 통해 이동건님이 알려주셨습니다.) 

 

adm/admin.js 파일이 수정되어 브라우저 캐시를 갱신하지 않으면 정상적인 사용이 불가능할 수 있습니다. 

패치 후 브라우저 화면 새로고침을 여러 번 실행하셔서 캐시를 갱신해주시기 바랍니다. 

 

https://github.com/gnuboard/youngcart5/commit/fe3b84ee6b91e7267abe48931e24482a6dc7a083 

https://github.com/gnuboard/youngcart5/commit/8b3a5738a4b0f5b4fda9a1c1fd202e2d84615759 

https://github.com/gnuboard/youngcart5/commit/d289dc8efdfd3a387536e6b15042031ee70da3d4 

https://github.com/gnuboard/youngcart5/commit/18c75dde9102b2e5551bdd5991e398179f49ffc1 

 

 

65e8a21 5.1.7 버전변경 

bd57ac5 5.1.8 버전변경 

M      config.php 

5af0d8a Merge branch 'g5' 

db3519a 1:1문의 SMS 발신번호 사전등록제 관련 코드 수정 

M      bbs/qawrite_update.php 

a155f4d 쇼핑몰 관리자 CSRF 취약점 수정 

M      adm/shop_admin/bannerformupdate.php 

M      adm/shop_admin/bannerlist.php 

M      adm/shop_admin/categoryformupdate.php 

M      adm/shop_admin/categorylist.php 

M      adm/shop_admin/categorylistupdate.php 

M      adm/shop_admin/configform.php 

M      adm/shop_admin/configformupdate.php 

M      adm/shop_admin/couponformupdate.php 

M      adm/shop_admin/couponlist.php 

M      adm/shop_admin/couponlist_delete.php 

M      adm/shop_admin/itemcopy.php 

M      adm/shop_admin/itemcopyupdate.php 

M      adm/shop_admin/itemevent.php 

M      adm/shop_admin/itemeventformupdate.php 

M      adm/shop_admin/itemformupdate.php 

M      adm/shop_admin/itemlistupdate.php 

M      adm/shop_admin/itemqaformupdate.php 

M      adm/shop_admin/itemqalistupdate.php 

M      adm/shop_admin/itemstocklistupdate.php 

M      adm/shop_admin/itemstocksmsupdate.php 

M      adm/shop_admin/itemtypelistupdate.php 

M      adm/shop_admin/itemuseformupdate.php 

M      adm/shop_admin/itemuselistupdate.php 

M      adm/shop_admin/optionstocklistupdate.php 

M      adm/shop_admin/orderformcartupdate.php 

M      adm/shop_admin/orderformreceiptupdate.php 

M      adm/shop_admin/orderformupdate.php 

M      adm/shop_admin/orderlistdelete.php 

M      adm/shop_admin/orderlistupdate.php 

M      adm/shop_admin/personalpayform.php 

M      adm/shop_admin/personalpayformupdate.php 

M      adm/shop_admin/personalpaylist.php 

M      adm/shop_admin/sendcostlist.php 

M      adm/shop_admin/sendcostupdate.php 

bfaa429 g5 merge 충돌 수정 

33e9d1e 관리자 CSRF 취약점 수정2 

M      adm/admin.js 

M      adm/admin.lib.php 

M      adm/board_copy.php 

M      adm/contentformupdate.php 

M      adm/contentlist.php 

M      adm/faqformupdate.php 

M      adm/faqlist.php 

M      adm/faqmasterformupdate.php 

M      adm/faqmasterlist.php 

M      adm/index.php 

M      adm/mail_list.php 

M      adm/newwinformupdate.php 

M      adm/newwinlist.php 

M      adm/poll_list.php 

M      adm/sms_admin/config_update.php 

M      adm/sms_admin/sms_write_send.php 

32d09cf 관리자 CSRF 취약점 수정 

M      adm/admin.js 

M      adm/admin.lib.php 

A      adm/ajax.token.php 

M      adm/auth_list.php 

M      adm/auth_list_delete.php 

M      adm/auth_update.php 

M      adm/board_copy.php 

M      adm/board_copy_update.php 

M      adm/board_form.php 

M      adm/board_form_update.php 

M      adm/board_list_update.php 

M      adm/boardgroup_form.php 

M      adm/boardgroup_form_update.php 

M      adm/boardgroup_list.php 

M      adm/boardgroup_list_update.php 

M      adm/boardgroupmember_form.php 

M      adm/boardgroupmember_update.php 

M      adm/config_form.php 

M      adm/config_form_update.php 

M      adm/contentform.php 

M      adm/contentformupdate.php 

M      adm/faqform.php 

M      adm/faqformupdate.php 

M      adm/faqmasterform.php 

M      adm/faqmasterformupdate.php 

M      adm/mail_delete.php 

M      adm/mail_form.php 

M      adm/mail_select_list.php 

M      adm/mail_select_update.php 

M      adm/mail_update.php 

M      adm/member_delete.php 

M      adm/member_form.php 

M      adm/member_form_update.php 

M      adm/member_list.php 

M      adm/member_list_delete.php 

M      adm/menu_list.php 

M      adm/menu_list_update.php 

M      adm/newwinform.php 

M      adm/newwinformupdate.php 

M      adm/point_list.php 

M      adm/point_list_delete.php 

M      adm/point_update.php 

M      adm/poll_delete.php 

M      adm/poll_form.php 

M      adm/poll_form_update.php 

M      adm/poll_list.php 

M      adm/qa_config.php 

M      adm/qa_config_update.php 

M      adm/theme_update.php 

9afb28e Merge branch 'g5' 

976c9d0 모바일 제목 설정 적용되도록 수정 

M      bbs/board.php 

M      bbs/new.php 

M      bbs/search.php 

M      bbs/write.php 

M      mobile/skin/board/basic/list.skin.php 

M      mobile/skin/board/basic/view.skin.php 

M      mobile/skin/board/gallery/list.skin.php 

M      mobile/skin/board/gallery/view.skin.php 

M      theme/basic/mobile/skin/board/basic/list.skin.php 

M      theme/basic/mobile/skin/board/basic/view.skin.php 

M      theme/basic/mobile/skin/board/gallery/list.skin.php 

M      theme/basic/mobile/skin/board/gallery/view.skin.php 


MENU