Took a quick look at Sourcery Market and found a bunch of vulnerabilities - including being able to read any private message. It took me longer to write these up than to find them:
https://gist.github.com/anonymous/2b9e7a9ada8ee8d508ab58c347909150
This market should be shut down asap - the admins are in way over their heads. The security and code quality is inadequate for a child's blog let alone for a darknetmarket
The admin also let slip he is from the UK so the feds even know which part of the world to start the hunt for him.