Responsible Disclosure #in#india #CarnivalCinema
Hi Medium, whats up ?, Tolesh Kumar here hope your doing great & having fun learning from the community like I am.
What is this Post about ?
on 25 July 2018, i found some critical bugs at moviecardindia.com and carnivalcinema.com website which lead to disclose there user data, movie card data and user booking history. I share these information with them on same day via calling and mail these details to you also send message on LinkedIn to there CEO (Sony Ravindranath)and other security persons. But Its not complete here. I mail to there security persons but i don't get no responses yet. This is the sad truth in India where security no matters if you work hard and make awareness they don’t even reply and say thanks to you.
IF there is anything I missed or typed wrong , you can leave a comment or contact me at https://www.linkedin.com/in/urstkj
Here is the Bug POC
You can also Check Full POC files:-
