diff --git a/classes/context/Context.class.php b/classes/context/Context.class.php
index 622fb4829..f4fee677b 100644
--- a/classes/context/Context.class.php
+++ b/classes/context/Context.class.php
@@ -85,6 +85,9 @@
                 }
             }
 
+            if(!in_array($this->lang_type, $lang_supported)) $this->lang_type = $this->db_info->lang_type;
+            if(!$this->lang_type) $this->lang_type = "en";
+
             Context::set('lang_supported', $lang_supported);
 
             $this->setLangType($this->lang_type);
@@ -402,6 +405,7 @@
             if(!count($_REQUEST)) return;
 
             foreach($_REQUEST as $key => $val) {
+                if($key == "page" || substr($key,-3)=="srl") $val = (int)$val;
                 if(is_array($val)) {
                     for($i=0;$i<count($val);$i++) {
                         if(get_magic_quotes_gpc()) $val[$i] = stripslashes($val[$i]);
diff --git a/classes/module/ModuleHandler.class.php b/classes/module/ModuleHandler.class.php
index 40d6ea8ca..b6e330ea9 100644
--- a/classes/module/ModuleHandler.class.php
+++ b/classes/module/ModuleHandler.class.php
@@ -49,8 +49,13 @@
             if(!$mid) $this->mid = Context::get('mid');
             else $this->mid = $mid;
 
-            if(!$document_srl) $this->document_srl = Context::get('document_srl');
-            else $this->document_srl = $document_srl;
+            if(!$document_srl) $this->document_srl = (int)Context::get('document_srl');
+            else $this->document_srl = (int)$document_srl;
+
+            // 기본 변수들의 검사 (XSS방지를 위한 기초적 검사)
+            if($this->module && !eregi("^([a-z0-9\_\-]+)$",$this->module)) die(Context::getLang("msg_invalid_request"));
+            if($this->mid && !eregi("^([a-z0-9\_\-]+)$",$this->mid)) die(Context::getLang("msg_invalid_request"));
+            if($this->act && !eregi("^([a-z0-9\_\-]+)$",$this->act)) die(Context::getLang("msg_invalid_request"));
 
             // 애드온 실행 (모듈 실행 전)
             $called_position = 'before_module_init';