[Full-disclosure] Multiple SQL Injection bugs in TCS website

Type securityvulns
Reporter Securityvulns
Modified 2007-02-27T00:00:00


Hello list,

The website of TCS (Tata Consultancy Services) is prone to multiple SQL injection bugs. I already sent them an email back in December 2006. They have not fixed the bug just yet, so Iam going to disclose the details here.


The scripts are prone to multiple XSS, and SQL bugs. A sample screenshot for a potential SQL injection is given in my blog.

Cheers :) Kish

Full-Disclosure - We believe in it !

Remember there is alwayz someone who knows more than us out there

Don't get soaked. Take a quick peak at the forecast with theYahoo! Search weather shortcut.