zSecure team is back in news again, this time they have discovered a critical SQL injection vulnerability in HDFC Bank’s Web Portal. Using this critical flaw HDFC’s various databases can be accessed and dumped as well. This really raises a big question on the existing security in place within the bank. HDFC is the leading bank in India but they lack behind the basic security that needs to be implemented. Even after sending them complete details about the vulnerability they were not able to discover this critical falw which existed in their web portal.
Source: https://thehackernews.com/2011/09/hdfc-bank-database-hacked-by-zsecure.html