Why are so many market admins making no effort to hide the framework they are using? It is no wonder why people stick with Agora despite the downtime, at least they are not amateurs.
It is trivial task to then look up CVE details on that framework and just test every vulnerability until one is found works and determine the version.
Yeah it's pretty fucking sad that a skript kiddy could plug away on google and actually do some damage here. You'd think market admins would care about security, but in my opinion this goes to show that many don't care at all. Why? Perhaps because they know they won't be around in 4 months time.