SQL injection vulnerability in info.php in BrotherScripts (BS) and ScriptsFeed Auto Dealer allows remote attackers to execute arbitrary SQL commands via the id parameter.