Instead of exposing index.php?id=42 , the feature dynamically generates search-engine-friendly (SEF) slugs like /products/blue-widget .
If I understand correctly, you want a tool or script feature that helps someone whether an index.php?id= parameter is still vulnerable after a claimed patch, or to automate detection of patched vs unpatched instances. inurl indexphpid patched