About the Client
IRCTC (Indian Railway Catering and Tourism Corporation) is a subsidiary of the Indian Railways that handles tourism and online ticketing operations of the Indian Railways.
The Challenge & Solutions
As being Ethical Hacker Indian Cyber Security Solutions Team had checked the Web-Based Application of IRCTC and found some critical level of vulnerabilities like SQL injection where anybody could access the database of IRCTC. ICSS Team reported to IRCTC to fix the vulnerabilities after identified the critical level vulnerabilities. IRCTC had acknowledged us to fix the vulnerabilities and the vulnerabilities are fixed now. You can refer to the Proof of Concept in the video given below: