[보안패치] 영카트 5.2.5 정보
[보안패치] 영카트 5.2.5첨부파일
본문
** 수정내역 **
XSS (16-1008) 취약점을 수정했습니다. (한국인터넷진흥원에서 알려주셨습니다.)
XSS (16-995,1003,1007) 취약점을 수정했습니다. (한국인터넷진흥원에서 알려주셨습니다.)
KCP 본인확인 모바일 관련 수정했습니다. ( 웹뷰 안에서 본인확인 할수 있도록 개선되었습니다. )
스마트에디터 이미지 업로드를 좀 더 엄격하게 체크 할수 있도록 수정했습니다.( letsgolee 님이 제보해 주셨습니다. )
PHPMailer 5.2.19 버전으로 적용했습니다.
https://github.com/gnuboard/youngcart5/commit/792eb8fd302a8a867cd8771f234f1c037fb8c54f
https://github.com/gnuboard/youngcart5/commit/a7748ade03937f01439abc2d5d2012906ba58815
https://github.com/gnuboard/youngcart5/commit/177604e8dc70a0c0fa5a738609943043fe639ee9
https://github.com/gnuboard/youngcart5/commit/31ee98dc6e2310cf2a270be8a2c75d3f6f61e397
https://github.com/gnuboard/youngcart5/commit/45cf2da05b5bcb215da8349d3edeeb2cb6015795
https://github.com/gnuboard/youngcart5/commit/3f32ef63e4bd76ff669a2abf039caa822d193c0d
https://github.com/gnuboard/youngcart5/commit/f93f66500a1535d3ee87e9f1c3a0c83add273290
https://github.com/gnuboard/youngcart5/commit/b4adb615506d013360702a87231d0ba59e447453
b4adb61 5.2.5 버전변경
M config.php
f93f665 XSS 취약점(16-1007) 수정
M adm/shop_admin/bannerform.php
M adm/shop_admin/itemeventform.php
M adm/shop_admin/itemeventlist.php
M adm/shop_admin/itemsellrank.php
M adm/shop_admin/itemstocklist.php
M adm/shop_admin/itemstocksms.php
M adm/shop_admin/itemtypelist.php
M adm/shop_admin/optionstocklist.php
M adm/shop_admin/orderlist.php
M adm/shop_admin/wishlist.php
3f32ef6 XSS 취약점(16-1008) 수정
M adm/faqmasterform.php
M adm/newwinform.php
M adm/popular_rank.php
M adm/visit.sub.php
45cf2da 스마트에디터 업로드 방식 수정
A extend/smarteditor_upload_extend.php
M plugin/editor/smarteditor2/editor.lib.php
M plugin/editor/smarteditor2/photo_uploader/popup/php/UploadHandler.php
31ee98d XSS 취약점(16-995, 1003) 수정
M shop/itemqaform.php
M shop/itemqaformupdate.php
M shop/itemuseform.php
M shop/itemuseformupdate.php
177604e 이니시스 결제 폼 수정
M shop/orderform.sub.php
792eb8f KCP 본인확인 모바일 관련 수정
M js/certify.js
M mobile/skin/member/basic/register_form.skin.php
M plugin/kcpcert/kcpcert_form.php
M plugin/kcpcert/kcpcert_result.php
M skin/member/basic/register_form.skin.php
M theme/basic/mobile/skin/member/basic/register_form.skin.php
M theme/basic/skin/member/basic/register_form.skin.php
a7748ad PHPMailer 5.2.19 버전 적용
M plugin/PHPMailer/VERSION
M plugin/PHPMailer/class.phpmailer.php
M plugin/PHPMailer/class.phpmaileroauth.php
M plugin/PHPMailer/class.phpmaileroauthgoogle.php
M plugin/PHPMailer/class.pop3.php
M plugin/PHPMailer/class.smtp.php
A plugin/PHPMailer/composer.json
A plugin/PHPMailer/composer.lock
A plugin/PHPMailer/examples/DKIM.phps
M plugin/PHPMailer/examples/scripts/shLegacy.js
M plugin/PHPMailer/examples/send_file_upload.phps
A plugin/PHPMailer/examples/send_multiple_file_upload.phps
M plugin/PHPMailer/examples/smtp_check.phps
M plugin/PHPMailer/extras/htmlfilter.php
M plugin/PHPMailer/extras/ntlm_sasl_client.php
M plugin/PHPMailer/get_oauth_token.php
A plugin/PHPMailer/language/phpmailer.lang-cs.php
A plugin/PHPMailer/language/phpmailer.lang-da.php
M plugin/PHPMailer/language/phpmailer.lang-de.php
M plugin/PHPMailer/language/phpmailer.lang-es.php
M plugin/PHPMailer/language/phpmailer.lang-ka.php
A plugin/PHPMailer/language/phpmailer.lang-nb.php
M plugin/PHPMailer/language/phpmailer.lang-pl.php
A plugin/PHPMailer/language/phpmailer.lang-pt_br.php
M plugin/PHPMailer/language/phpmailer.lang-ro.php
M plugin/PHPMailer/language/phpmailer.lang-ru.php
A plugin/PHPMailer/language/phpmailer.lang-sv.php
XSS (16-1008) 취약점을 수정했습니다. (한국인터넷진흥원에서 알려주셨습니다.)
XSS (16-995,1003,1007) 취약점을 수정했습니다. (한국인터넷진흥원에서 알려주셨습니다.)
KCP 본인확인 모바일 관련 수정했습니다. ( 웹뷰 안에서 본인확인 할수 있도록 개선되었습니다. )
스마트에디터 이미지 업로드를 좀 더 엄격하게 체크 할수 있도록 수정했습니다.( letsgolee 님이 제보해 주셨습니다. )
PHPMailer 5.2.19 버전으로 적용했습니다.
https://github.com/gnuboard/youngcart5/commit/792eb8fd302a8a867cd8771f234f1c037fb8c54f
https://github.com/gnuboard/youngcart5/commit/a7748ade03937f01439abc2d5d2012906ba58815
https://github.com/gnuboard/youngcart5/commit/177604e8dc70a0c0fa5a738609943043fe639ee9
https://github.com/gnuboard/youngcart5/commit/31ee98dc6e2310cf2a270be8a2c75d3f6f61e397
https://github.com/gnuboard/youngcart5/commit/45cf2da05b5bcb215da8349d3edeeb2cb6015795
https://github.com/gnuboard/youngcart5/commit/3f32ef63e4bd76ff669a2abf039caa822d193c0d
https://github.com/gnuboard/youngcart5/commit/f93f66500a1535d3ee87e9f1c3a0c83add273290
https://github.com/gnuboard/youngcart5/commit/b4adb615506d013360702a87231d0ba59e447453
b4adb61 5.2.5 버전변경
M config.php
f93f665 XSS 취약점(16-1007) 수정
M adm/shop_admin/bannerform.php
M adm/shop_admin/itemeventform.php
M adm/shop_admin/itemeventlist.php
M adm/shop_admin/itemsellrank.php
M adm/shop_admin/itemstocklist.php
M adm/shop_admin/itemstocksms.php
M adm/shop_admin/itemtypelist.php
M adm/shop_admin/optionstocklist.php
M adm/shop_admin/orderlist.php
M adm/shop_admin/wishlist.php
3f32ef6 XSS 취약점(16-1008) 수정
M adm/faqmasterform.php
M adm/newwinform.php
M adm/popular_rank.php
M adm/visit.sub.php
45cf2da 스마트에디터 업로드 방식 수정
A extend/smarteditor_upload_extend.php
M plugin/editor/smarteditor2/editor.lib.php
M plugin/editor/smarteditor2/photo_uploader/popup/php/UploadHandler.php
31ee98d XSS 취약점(16-995, 1003) 수정
M shop/itemqaform.php
M shop/itemqaformupdate.php
M shop/itemuseform.php
M shop/itemuseformupdate.php
177604e 이니시스 결제 폼 수정
M shop/orderform.sub.php
792eb8f KCP 본인확인 모바일 관련 수정
M js/certify.js
M mobile/skin/member/basic/register_form.skin.php
M plugin/kcpcert/kcpcert_form.php
M plugin/kcpcert/kcpcert_result.php
M skin/member/basic/register_form.skin.php
M theme/basic/mobile/skin/member/basic/register_form.skin.php
M theme/basic/skin/member/basic/register_form.skin.php
a7748ad PHPMailer 5.2.19 버전 적용
M plugin/PHPMailer/VERSION
M plugin/PHPMailer/class.phpmailer.php
M plugin/PHPMailer/class.phpmaileroauth.php
M plugin/PHPMailer/class.phpmaileroauthgoogle.php
M plugin/PHPMailer/class.pop3.php
M plugin/PHPMailer/class.smtp.php
A plugin/PHPMailer/composer.json
A plugin/PHPMailer/composer.lock
A plugin/PHPMailer/examples/DKIM.phps
M plugin/PHPMailer/examples/scripts/shLegacy.js
M plugin/PHPMailer/examples/send_file_upload.phps
A plugin/PHPMailer/examples/send_multiple_file_upload.phps
M plugin/PHPMailer/examples/smtp_check.phps
M plugin/PHPMailer/extras/htmlfilter.php
M plugin/PHPMailer/extras/ntlm_sasl_client.php
M plugin/PHPMailer/get_oauth_token.php
A plugin/PHPMailer/language/phpmailer.lang-cs.php
A plugin/PHPMailer/language/phpmailer.lang-da.php
M plugin/PHPMailer/language/phpmailer.lang-de.php
M plugin/PHPMailer/language/phpmailer.lang-es.php
M plugin/PHPMailer/language/phpmailer.lang-ka.php
A plugin/PHPMailer/language/phpmailer.lang-nb.php
M plugin/PHPMailer/language/phpmailer.lang-pl.php
A plugin/PHPMailer/language/phpmailer.lang-pt_br.php
M plugin/PHPMailer/language/phpmailer.lang-ro.php
M plugin/PHPMailer/language/phpmailer.lang-ru.php
A plugin/PHPMailer/language/phpmailer.lang-sv.php
댓글 10개
감사합니다.
감사합니다
감사합니다
고맙습니다~^^
감사합니다.
수고하셨습니다.. 새해 복 많이 받으세요^^
ㄳ
감사합니다.
감사합니다.
감사합니다.