Search the archives!
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Full-disclosure] Multiple SQL Injection bugs in TCS website
- From: kishfellow at yahoo.com (Scarlet Pimpernel)
- Subject: [Full-disclosure] Multiple SQL Injection bugs in TCS website
- Date: Mon, 26 Feb 2007 19:17:31 -0800 (PST)
Hello list, The website of TCS (Tata Consultancy Services) is prone to multiple SQL injection bugs. I already sent them an email back in December 2006. They have not fixed the bug just yet, so Iam going to disclose the details here. http://kishfellow.blogspot.com The scripts are prone to multiple XSS, and SQL bugs. A sample screenshot for a potential SQL injection is given in my blog. Cheers :) Kish Full-Disclosure - We believe in it ! Remember there is alwayz someone who knows more than us out there --------------------------------- Don't get soaked. Take a quick peak at the forecast with theYahoo! Search weather shortcut. -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20070226/b53d3e23/attachment.html
- Prev by Date: [Full-disclosure] ViewCVS 0.9.4 issues
- Next by Date: [Full-disclosure] Extracting files from SMB packet captures
- Previous by thread: [Full-disclosure] ViewCVS 0.9.4 issues
- Next by thread: [Full-disclosure] Wordpress 2.1.1 - Multiple Script Injection Vulnerabilities
- Index(es):