@rohan_shenoy
Really appreciate it, I mean you informed Digit about the vulnerability and didn't do anything bad. Nice of you.
What gary4gar mentioned is also very valid. You have done something good, but take care because it may go negative too.
Some other things related to this.
To be honest, not surprising or shocking. I remember reporting a major vulnerability (like without any hack we could see a lot of personal details of members) in Rediff 3 years back. The toughest thing was to get a contact number to inform them! Had to google a lot at that time, finally found the phone number and told them. First they didn't believe it, then they transferred it to their tech section and they called me back for details. But they could fix it within hrs. If Rediff is open to attacks, Thinkdigit will be for sure!
Main thing is - advantage (and disadvantage too) of PHP-Mysql is, anyone with a basic knowledge in programming can learn it very easily. Maybe 1 month is quite adequate. Once they know the basics, overconfidence starts. They think programming is all that they learned in 1 month. They start coding and never think of any precautions that they should take.
Another thing is the multi-level outsourcing. One of my friends working in a famous Indian IT firm (do not want to name!) told me they outsource projects which they get from abroad (which they get as outsourced!). But the final product will be in their name. So the quality may not be the same. In big companies, coding is just one part, there will be a team for multi-level testing, debugging, security testing and a lot. But small companies or people who are new in the field may not think of all those. They just start coding and once it's done they deliver it.
Thing is these kinda people not only lose their credibility, but spoil the image of other Indian companies which are doing very good in the field.
PS: @rohan_shenoy
There is some small bug in your blog's comment page. It is not javascript, something with PHP itself. I think there is a space or "echo" or some redirection set wrong in the file /home/mhtcet/public_html/w3hobbyist.com/admin/config.php. Even a blank line can cause it. The comments go to the db it seems but it fails to load the next page (due to the header issue).
Offtopic: I guess w3hobbyist.com is a parked / add-on domain? If so, I strongly recommend you to make it a separate web space as it will do better with search engines. Please ignore if it is not.