Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

Multiple SQL Injection bugs in TCS website

From: Scarlet Pimpernel <kishfellow () yahoo com>
Date: Mon, 26 Feb 2007 19:17:31 -0800 (PST)
Hello list,

The website of TCS (Tata Consultancy Services) is prone to multiple SQL injection bugs. I already sent them an email 
back in December 2006. They have not fixed the bug just yet, so Iam going to disclose the details here.

http://kishfellow.blogspot.com

The scripts are prone to multiple XSS, and SQL bugs. A sample screenshot for a potential SQL injection is given in my 
blog.

Cheers :)
Kish

Full-Disclosure - We believe in it !


Remember there is alwayz someone who knows more than us out there

 
---------------------------------
Don't get soaked.  Take a quick peak at the forecast 
 with theYahoo! Search weather shortcut.
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Previous By Date Next
Previous By Thread Next

Current thread: