[Full-disclosure] Multiple SQL Injection bugs in TCS website

2007-02-27T00:00:00
ID SECURITYVULNS:DOC:16196
Type securityvulns
Reporter Securityvulns
Modified 2007-02-27T00:00:00

Description

Hello list,

The website of TCS (Tata Consultancy Services) is prone to multiple SQL injection bugs. I already sent them an email back in December 2006. They have not fixed the bug just yet, so Iam going to disclose the details here.

http://kishfellow.blogspot.com

The scripts are prone to multiple XSS, and SQL bugs. A sample screenshot for a potential SQL injection is given in my blog.

Cheers :) Kish

Full-Disclosure - We believe in it !

Remember there is alwayz someone who knows more than us out there


Don't get soaked. Take a quick peak at the forecast with theYahoo! Search weather shortcut.