Discuz v63shop_goods Plugin SQL Injection Scanner
Detects 'SQL Injection (SQLi)' vulnerability in Discuz v63shop_goods Plugin.
Short Info
Level
Single Scan
Single Scan
Can be used by: Asset Owner
Estimated Time: 10 seconds
Time Interval: 5 days 13 hours
Scan only one: Domain, Subdomain, IPv4
The Discuz v63shop_goods Plugin is used within the Discuz! community forum software. Discuz! is widely employed for creating and managing online forums and communities. It is typically used by website administrators and forum managers to provide a structured platform for online discussions. The plugin itself adds e-commerce capabilities to the forum, allowing users to list and manage goods for sale. It is popular among small to medium-sized online communities that require integrated forum and shopping functionalities. Users include hobbyist communities, small businesses, and enthusiasts who manage niche forums.
The SQL Injection vulnerability present in the Discuz v63shop_goods Plugin can allow an attacker to manipulate the SQL queries made by the application. This type of vulnerability can enable attackers to execute arbitrary SQL statements in the database used by the Discuz forum. The vulnerability exists due to insufficient input validation, allowing specially crafted requests to execute commands on the database server. By exploiting this, attackers can potentially view, add, delete, or modify data within the forum's database.
The vulnerability is found in the '/plugin.php' endpoint, where the 'gid' parameter can be exploited. An attacker can inject SQL code, such as union-based queries, to alter the normal execution of the SQL statement. For instance, by appending commands that concatenate MD5-hashed values, attackers can confirm successful manipulation of the database query process. This highlights the lack of validation and filtering when processing user input, leading to potential data exposure.
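For asset owners reviewing their own web server logs, the following added example (not part of the scanner or of Discuz) flags requests to '/plugin.php' whose 'gid' value is not a plain integer. It assumes combined-format access logs and that 'gid' is meant to be a numeric ID; the function names and sample log lines are constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Request field of a combined-format access log line: "METHOD target PROTOCOL"
REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')

def suspicious_gid(target):
    """Return the decoded gid value when a /plugin.php request carries a
    non-integer gid, else None. Assumption: gid is a numeric ID."""
    parts = urlsplit(target)
    if not parts.path.endswith("/plugin.php"):
        return None
    # parse_qs percent-decodes values; keep_blank_values keeps an empty "gid="
    for value in parse_qs(parts.query, keep_blank_values=True).get("gid", []):
        if not re.fullmatch(r"[0-9]{1,10}", value):
            return value
    return None

def scan(lines):
    """Yield (line_number, client_ip, decoded_gid) for each flagged log line."""
    for number, line in enumerate(lines, 1):
        match = REQUEST_RE.search(line)
        if not match:
            continue
        value = suspicious_gid(match.group(1))
        if value is not None:
            yield number, line.split(" ", 1)[0], value

# Constructed sample log lines (documentation IP ranges, not real traffic)
SAMPLE_LOG = [
    '198.51.100.7 - - [01/Jan/2024:10:00:00 +0000] '
    '"GET /plugin.php?gid=42 HTTP/1.1" 200 5120',
    '203.0.113.9 - - [01/Jan/2024:10:00:05 +0000] '
    '"GET /plugin.php?gid=42%20union%20select%20placeholder HTTP/1.1" 200 5333',
    '203.0.113.9 - - [01/Jan/2024:10:00:06 +0000] '
    '"GET /plugin.php?gid=42%27 HTTP/1.1" 200 812',
    '198.51.100.7 - - [01/Jan/2024:10:00:09 +0000] '
    '"GET /forum.php?gid=abc HTTP/1.1" 200 900',
]

if __name__ == "__main__":
    for hit in scan(SAMPLE_LOG):
        print(hit)
```

Access logs in this format record only the request line, so a 'gid' value sent in a POST body will not appear here and needs application-level or WAF logging to be seen.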
If exploited, the SQL Injection vulnerability in the Discuz v63shop_goods Plugin could have several significant impacts. Attackers might obtain sensitive data such as user credentials from the database. They could manipulate existing data, causing loss of integrity for the forum's core data. Additionally, they could delete or corrupt data leading to denial of service or loss of service continuity to legitimate users. Exploitation could expose backend database structure and application logic, posing further risks to the confidentiality and security of user data stored within the forum.