
List:       full-disclosure
Subject:    [Full-disclosure] Multiple SQL Injection bugs in TCS website
From:       Scarlet Pimpernel <kishfellow () yahoo ! com>
Date:       2007-02-27 3:17:31
Message-ID: 445627.47206.qm () web51611 ! mail ! yahoo ! com


Hello list,

The website of TCS (Tata Consultancy Services) is prone to multiple SQL injection bugs. I
already sent them an email back in December 2006. They have not fixed the bug just yet, so I am
going to disclose the details here.

http://kishfellow.blogspot.com

The scripts are prone to multiple XSS and SQL bugs. A sample screenshot for a potential SQL
injection is given in my blog.

Cheers :)
Kish

Full-Disclosure - We believe in it !


Remember there is alwayz someone who knows more than us out there

 





_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
