Redbus is Largest Online Bus Ticket Agent in India. Redbus suffered with highly critical vulnerability Bsql Injection.

Vulnerable URL :
User-Agent:  Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727)
Host IP:
Web Server: Microsoft-IIS/7.0
Powered-by: ASP.NET
Using this vulnerability , any one can access complete Database. Sorry Reader this time i am restricted post complete details of POC.

Name:  redbus.png
Views: 427
Size:  10.9 KB

Thank you redbus for fixing this bug . I use redbus for ticketing, so I feel redbus must be more secured

Special thanks to Garage4hackers Team

- [S]

Blind Sql injection [Responsible Disclosure] | root@sandeepkl337-ZH:~# _ A Bug Has To Be Fixed