Lucene search

HistoryFeb 27, 2007 - 12:00 a.m.

[Full-disclosure] Multiple SQL Injection bugs in TCS website


Hello list,

The website of TCS (Tata Consultancy Services) is prone to multiple SQL injection bugs. I already sent them an email back in December 2006. They have not fixed the bug just yet, so Iam going to disclose the details here.

The scripts are prone to multiple XSS, and SQL bugs. A sample screenshot for a potential SQL injection is given in my blog.

Cheers :)

Full-Disclosure - We believe in it !

Remember there is alwayz someone who knows more than us out there

Don't get soaked. Take a quick peak at the forecast
with theYahoo! Search weather shortcut.

Use Vulners API to create your own security tool

API usage cases
  • Network scanning
  • Linux Patch management
  • Threat protection
  • No network audit solution

Ways of integration

Integrate Vulners API