[prev in list] [next in list] [prev in thread] [next in thread]
List: full-disclosure
Subject: [Full-disclosure] Multiple SQL Injection bugs in TCS website
From: Scarlet Pimpernel <kishfellow () yahoo ! com>
Date: 2007-02-27 3:17:31
Message-ID: 445627.47206.qm () web51611 ! mail ! yahoo ! com
[Download RAW message or body]
[Attachment #2 (multipart/alternative)]
Hello list,
The website of TCS (Tata Consultancy Services) is prone to multiple SQL injection bugs. I \
already sent them an email back in December 2006. They have not fixed the bug just yet, so Iam \
going to disclose the details here.
http://kishfellow.blogspot.com
The scripts are prone to multiple XSS, and SQL bugs. A sample screenshot for a potential SQL \
injection is given in my blog.
Cheers :)
Kish
Full-Disclosure - We believe in it !
Remember there is alwayz someone who knows more than us out there
---------------------------------
Don't get soaked. Take a quick peak at the forecast
with theYahoo! Search weather shortcut.
[Attachment #5 (text/html)]
Hello list,<br><br>The website of TCS (Tata Consultancy Services) is prone to multiple SQL \
injection bugs. I already sent them an email back in December 2006. They have not fixed the bug \
just yet, so Iam going to disclose the details \
here.<br><br>http://kishfellow.blogspot.com<br><br>The scripts are prone to multiple XSS, and \
SQL bugs. A sample screenshot for a potential SQL injection is given in my blog.<br><br>Cheers \
:)<br>Kish<br><br>Full-Disclosure - We believe in it !<br><BR><BR><div style="font-weight: \
bold; text-decoration: underline;" id="RTEContent">Remember there is alwayz someone who knows \
more than us out there</div><p> 
<hr size=1>
Don't get soaked. Take a<a href="
http://tools.search.yahoo.com/shortcuts/?fr=oni_on_mail&#news"> quick peak at the forecast \
</a><br> with the<a href=" \
http://tools.search.yahoo.com/shortcuts/?fr=oni_on_mail&#news">Yahoo! Search weather \
shortcut.</a>
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic