Sony - HackerOne Reports
View on HackerOne12
Total Reports
6
Critical
5
High
1
Medium
0
Low
Remote Code Execution (RCE) in a Sony WebSystem
Reported by:
joaomatosf
|
Disclosed:
Critical
Weakness: Deserialization of Untrusted Data
Blind User-Agent SQL Injection to Blind Remote OS Command Execution at █████████
Reported by:
echidonut
|
Disclosed:
Critical
Weakness: OS Command Injection
明確な認証不備および潜在的な中間者攻撃の可能性(Clear Authentication Deficiencies & Potential for Man-in-the-Middle Attacks)
Reported by:
trapedev
|
Disclosed:
High
Weakness: Key Exchange without Entity Authentication
Remote Code Execution (RCE) in a Sony Pictures WebSystem
Reported by:
joaomatosf
|
Disclosed:
Critical
Weakness: Deserialization of Untrusted Data
SQL Injection on [█████████]
Reported by:
splint3rsec
|
Disclosed:
High
Weakness: SQL Injection
Reflected XSS on ███ via jobid parameter
Reported by:
leo_rac
|
Disclosed:
Medium
Weakness: Cross-site Scripting (XSS) - Reflected
SQL Injection at https://████ via ███ parameter
Reported by:
kauenavarro
|
Disclosed:
Critical
Weakness: SQL Injection
SQL injection at ███████
Reported by:
testingforbugs
|
Disclosed:
Critical
Weakness: SQL Injection
SSRF on http://www.███████/crossdomain.php via url parameter
Reported by:
n0x496n
|
Disclosed:
Critical
Weakness: Server-Side Request Forgery (SSRF)
Response Manipulation leads to Admin Panel Login Bypass at https://██████/
Reported by:
amanr1337
|
Disclosed:
High
Weakness: Improper Authentication - Generic
Path Traversal issue at https://████/blaze/
Reported by:
lu3ky-13
|
Disclosed:
High
Weakness: Path Traversal
LFI at http://www.████
Reported by:
n0x496n
|
Disclosed:
High
Weakness: Command Injection - Generic