[Full-disclosure] Multiple SQL Injection bugs in TCS website

From: Scarlet Pimpernel (kishfellowyahoo.com)
Date: Mon Feb 26 2007 - 21:17:31 CST


Hello list,

The website of TCS (Tata Consultancy Services) is prone to multiple SQL injection bugs. I already sent them an email back in December 2006. They have not fixed the bug just yet, so I am going to disclose the details here.

http://kishfellow.blogspot.com

The scripts are prone to multiple XSS and SQL bugs. A sample screenshot for a potential SQL injection is given in my blog.

Cheers :)
Kish

Full-Disclosure - We believe in it !

Remember there is alwayz someone who knows more than us out there


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/