漏洞名稱:phpcmsv9寬字節(jié)注入
文件路徑:/phpcms/modules/pay/respond.php
修復(fù)方法來源于阿里云(安騎士)
源代碼:
/**
* return_url get形式響應(yīng)
*/
public function respond_get() {
if ($_GET['code']){
$payment = $this->get_by_code($_GET['code']);
if(!$payment) showmessage(L('payment_failed'));
$cfg = unserialize_config($payment['config']);
補(bǔ)丁代碼:
/*** return_url get形式響應(yīng)
*/
public function respond_get() {
if ($_GET['code']){
$payment = $this->get_by_code(mysql_real_escape_string($_GET['code']));; //補(bǔ)丁
if(!$payment) showmessage(L('payment_failed'));
$cfg = unserialize_config($payment['config']);