Coutts SQL Exploit


2007-01-17

This week I discovered a rather major hole in coutts.com's 'secure' SQL code.

When an unsuccessful application was made from their Services Application page, it would take you through to the secure section and print out the SQL server login name and password:

Income :£0-25k
Liquid :£0-100k
Fixed :£0-1m
DOB_Difference :0
Residence :
step1 :True
DECLINE DB Conn dsn=coutts_dsn;uid=coutts_user;pwd=coutts!user;database=db_coutts
Microsoft OLE DB Provider for ODBC Drivers error '80004005'
[Microsoft][ODBC SQL Server Driver][SQL Server]Cannot open database requested in login 'db_coutts'. Login fails.
/secure/include/coutts_app_streamlined.asp, line 460

They rectified the problem soon after I emailed them about it and didn't even have the decency to say thank you - what a polite bunch of chaps.
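
A check that could be run over captured HTTP response bodies to catch the kind of leak shown in the output above, added here as an example and not part of the original post. The function name, the patterns and the sample response are constructed for illustration.

```python
import re

# key=value pairs as they appear in ODBC / OLE DB connection strings
_PAIR = re.compile(
    r"(?i)\b(dsn|driver|server|data source|database|initial catalog"
    r"|uid|user id|pwd|password)\s*=\s*([^;\r\n]*)"
)
_SECRET_KEYS = {"pwd", "password"}
_USER_KEYS = {"uid", "user id"}

# Verbose database error signatures of the kind a debug page prints
_ERROR_SIGS = [
    re.compile(r"Microsoft OLE DB Provider for [\w ]+ error '[0-9A-Fa-f]{8}'"),
    re.compile(r"\[Microsoft\]\[ODBC [^\]]+\]"),
    re.compile(r"/[\w./-]+\.asp, line \d+"),
]

def _redact(match):
    # Keep the key so the finding is readable, drop the secret value
    if match.group(1).lower() in _SECRET_KEYS:
        return f"{match.group(1)}=<redacted>"
    return match.group(0)

def scan_response(body):
    """Return (kind, line_number, evidence) tuples for a response body."""
    findings = []
    for lineno, line in enumerate(body.splitlines(), 1):
        keys = {m.group(1).lower() for m in _PAIR.finditer(line)}
        # Require a user key and a secret key on one line to limit noise
        if keys & _SECRET_KEYS and keys & _USER_KEYS:
            findings.append(("credential-leak", lineno, _PAIR.sub(_redact, line)))
        if any(sig.search(line) for sig in _ERROR_SIGS):
            findings.append(("verbose-db-error", lineno, line.strip()))
    return findings

# Constructed sample response, modelled on the shape of the output above
SAMPLE = """step1 :True
DECLINE DB Conn dsn=example_dsn;uid=example_user;pwd=example-secret;database=example_db
Microsoft OLE DB Provider for ODBC Drivers error '80004005'
[Microsoft][ODBC SQL Server Driver][SQL Server]Login fails.
/secure/include/example.asp, line 460
<p>Thank you for your application.</p>
"""

if __name__ == "__main__":
    for kind, lineno, evidence in scan_response(SAMPLE):
        print(f"{kind:18} line {lineno}: {evidence}")
```

The evidence string has the password value replaced before it is stored, so the findings can go into a ticket or log without copying the secret again.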