Full Disclosure mailing list archives
Multiple SQL Injection bugs in TCS website
From: Scarlet Pimpernel <kishfellow () yahoo com>
Date: Mon, 26 Feb 2007 19:17:31 -0800 (PST)
Hello list, The website of TCS (Tata Consultancy Services) is prone to multiple SQL injection bugs. I already sent them an email back in December 2006. They have not fixed the bug just yet, so Iam going to disclose the details here. http://kishfellow.blogspot.com The scripts are prone to multiple XSS, and SQL bugs. A sample screenshot for a potential SQL injection is given in my blog. Cheers :) Kish Full-Disclosure - We believe in it ! Remember there is alwayz someone who knows more than us out there --------------------------------- Don't get soaked. Take a quick peak at the forecast with theYahoo! Search weather shortcut.
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Multiple SQL Injection bugs in TCS website Scarlet Pimpernel (Feb 27)