Sony Program Statistics

View program

10 total issues disclosed

$0 total paid publicly

Most disclosed (3 disclosures) — SQL Injection

Disclosed Reports

Report Title Vulnerability Type Disclosed By Severity Disclosed on
明確な認証不備および潜在的な中間者攻撃の可能性(Clear Authentication Deficiencies & Potential for Man-in-the-Middle Attacks) Key Exchange without Entity Authentication trapedev High 2025-07-08
SQL injection at ███████ SQL Injection testingforbugs Critical 2024-01-24
SQL Injection at https://████ via ███ parameter SQL Injection kauenavarro Critical 2023-04-24
LFI at http://www.████ Command Injection - Generic n0x496n High 2022-12-16
SQL Injection on [█████████] SQL Injection splint3rsec High 2022-12-07
Path Traversal issue at https://████/blaze/ Path Traversal lu3ky-13 High 2022-10-06
SSRF on http://www.███████/crossdomain.php via url parameter Server-Side Request Forgery (SSRF) n0x496n Critical 2022-10-06
Response Manipulation leads to Admin Panel Login Bypass at https://██████/ Improper Authentication - Generic amanr1337 High 2022-09-12
Reflected XSS on ███ via jobid parameter Cross-site Scripting (XSS) - Reflected leo_rac Medium 2022-08-24
Blind User-Agent SQL Injection to Blind Remote OS Command Execution at █████████ OS Command Injection echidonut Critical 2022-07-06