Today, the webscan security team intercepted an injection vulnerability in the Discuz Forum v63 points mall plug-in. The vulnerability is in the plug-in's config.ini.php file:

```php
function getGoods($id) {
    // the $id parameter is not filtered and goes straight into the SQL statement for execution
    $query = DB::query('select * from ' . DB::table('v63_goods') . ' where `id`=' . $id);
    $goods = DB::fetch($query);
    $goods['endtime2'] = date('Y-m-d', $goods['endtime']);
    $goods['price2'] = $goods['price'];
    if ($goods['sort'] == 2) {
        $goods['endtime2'] = date('Y-m-d H:i:s', $goods['endtime']);
        // second query: gid is taken from the row fetched above, not from the request
        $query = DB::query("select * from " . DB::table('v63_pm') . " where gid='$goods[id]' order by id desc");
        $last = DB::fetch($query);
        if (is_array($last)) {
            $goods['price'] = $last['chujia'];
            $goods['uid'] = $last['uid'];
            $goods['username'] = $last['username'];
            $goods['ps'] = $last;
            if (time() + 600 > $goods['endtime']) {
                $goods['endtime'] = $last['time'] + 600;
                $goods['endtime2'] = date('Y-m-d H:i:s', $last['time'] + 600);
            }
        }
    }
    return $goods;
}
```

The vulnerability directly threatens the security of the website's data and of the web server, and can ultimately lead to serious consequences such as a full database dump ("de-Database") and the planting of a Trojan. Because the plug-in was released online by a netizen and is no longer being updated, there is no official patch for the time being. Webmasters can use the following temporary fix to close the vulnerability and avoid the risk of website intrusion.

At line 29 of the plug-in's config.ini.php file, change

```php
$query = DB::query('select * from ' . DB::table('v63_goods') . ' where `id`=' . $id);
```

to

```php
$query = DB::query('select * from ' . DB::table('v63_goods') . ' where `id`=' . intval($id));
```
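The following is an added example, not the plug-in's or the advisory's own code, showing why the one-line intval() fix is enough for this query: it rebuilds the WHERE clause the same way config.ini.php does, with and without the fix, and checks that the hardened form always ends in a bare integer. The table prefix and the sample id values are constructed for illustration.

```php
<?php
// Added example (not the plug-in's code). buildGoodsQuery() mirrors the
// string concatenation used on line 29 of config.ini.php; the 'pre_' prefix
// stands in for whatever DB::table() would return on a real installation.
function buildGoodsQuery($id, $hardened) {
    $table = 'pre_v63_goods';                  // assumed prefix
    $value = $hardened ? intval($id) : $id;    // the fix from the advisory
    return 'select * from ' . $table . ' where `id`=' . $value;
}

// True when the rendered query ends in a bare (optionally negative) integer,
// i.e. nothing from the request reached the SQL engine except a number.
function idIsIntegerLiteral($sql) {
    return preg_match('/ where `id`=-?\d+$/', $sql) === 1;
}

// Constructed sample values for the id parameter: a normal id, an id with
// trailing text, leading whitespace, and a value with no digits at all.
$samples = array('12', '12 trailing text', '  7', 'abc');

foreach ($samples as $id) {
    $raw  = buildGoodsQuery($id, false);
    $safe = buildGoodsQuery($id, true);
    printf("input %-20s\n", var_export($id, true));
    printf("  unfixed : %s  [%s]\n", $raw,  idIsIntegerLiteral($raw)  ? 'integer only' : 'request text reaches SQL');
    printf("  intval(): %s  [%s]\n", $safe, idIsIntegerLiteral($safe) ? 'integer only' : 'NOT SAFE');
}
// intval() keeps the leading digits only ('12 trailing text' -> 12,
// '  7' -> 7) and turns a non-numeric value into 0 ('abc' -> 0), so the
// hardened query is always 'where `id`=<integer>'.
```

The second query in getGoods() interpolates `$goods[id]`, but that value comes from the row fetched by the first query rather than from the request, so fixing line 29 covers the function as shown.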