[<prev] [next>] [day] [month] [year] [list]
Message-ID: <445627.47206.qm@web51611.mail.yahoo.com>
Date: Mon, 26 Feb 2007 19:17:31 -0800 (PST)
From: Scarlet Pimpernel <kishfellow@...oo.com>
To: full-disclosure@...ts.grok.org.uk
Subject: Multiple SQL Injection bugs in TCS website
Hello list,
The website of TCS (Tata Consultancy Services) is prone to multiple SQL injection bugs. I already sent them an email back in December 2006. They have not fixed the bug just yet, so Iam going to disclose the details here.
http://kishfellow.blogspot.com
The scripts are prone to multiple XSS, and SQL bugs. A sample screenshot for a potential SQL injection is given in my blog.
Cheers :)
Kish
Full-Disclosure - We believe in it !
Remember there is alwayz someone who knows more than us out there
---------------------------------
Don't get soaked. Take a quick peak at the forecast
with theYahoo! Search weather shortcut.
Content of type "text/html" skipped
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists