[Full-disclosure] Multiple SQL Injection bugs in TCS website
Scarlet Pimpernel
kishfellow at yahoo.com
Tue Feb 27 03:17:31 GMT 2007
Hello list,
The website of TCS (Tata Consultancy Services) is prone to multiple SQL injection bugs. I already sent them an email back in December 2006. They have not fixed the bug just yet, so Iam going to disclose the details here.
http://kishfellow.blogspot.com
The scripts are prone to multiple XSS, and SQL bugs. A sample screenshot for a potential SQL injection is given in my blog.
Cheers :)
Kish
Full-Disclosure - We believe in it !
Remember there is alwayz someone who knows more than us out there
---------------------------------
Don't get soaked. Take a quick peak at the forecast
with theYahoo! Search weather shortcut.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20070226/b53d3e23/attachment.html
Full-Disclosure is hosted and sponsored by Secunia.