MTN Group - HackerOne Reports
128 Total Reports
41 Critical
29 High
47 Medium
6 Low
Cross-site Scripting (XSS) - Reflected on http://h1b4e.n2.ips.mtn.co.ug:8080 via Nginx-module
Reported by:
renzi
|
Disclosed:
Medium
Weakness: Cross-site Scripting (XSS) - Reflected
path traversal vulnerability in Grafana 8.x allows "local file read"
Reported by:
malagham
|
Disclosed:
Critical
cross site scripting in : mtn.bj
Reported by:
alimanshester
|
Disclosed:
High
Weakness: Cross-site Scripting (XSS) - Reflected
Email verification bypassed during sign up (████████)
Reported by:
ibrahimatix0x01
|
Disclosed:
Medium
Weakness: Violation of Secure Design Principles
blind sql on [selfcare.mtn.com.af]
Reported by:
pisarenko
|
Disclosed:
Medium
Weakness: SQL Injection
[play.mtn.co.za] Application level DoS via xmlrpc.php
Reported by:
lmhu
|
Disclosed:
Medium
Weakness: Business Logic Errors
firebase credentials leaks @ ███████
Reported by:
aliyugombe
|
Disclosed:
Medium
Weakness: Information Disclosure
CVE-2021-38314 @ https://www.mtn.ci
Reported by:
aliyugombe
|
Disclosed:
Medium
CVEs:
CVE-2021-38314
CVE-2021-38314 @ https://www.mtn.co.rw
Reported by:
aliyugombe
|
Disclosed:
CVEs:
CVE-2021-38314
Exposed gitlab repo at https://adammanco.mtn.com/api/v4/projects
Reported by:
aliyugombe
|
Disclosed:
Low
Weakness: Information Disclosure
firebase credentials leaks @ https://mpulse.mtnonline.com
Reported by:
aliyugombe
|
Disclosed:
Medium
Weakness: Information Disclosure
FULL ACCOUNT TAKEOVER
Reported by:
impozzible
|
Disclosed:
Critical
RCE Apache Struts2 remote command execution (S2-045) on [wifi-partner.mtn.com.gh]
Reported by:
pisarenko
|
Disclosed:
High
Weakness: Code Injection
Information disclosure via enabled Django Debug Mode
Reported by:
nhx1
|
Disclosed:
Medium
Weakness: Information Disclosure
cross site scripting reflected
Reported by:
alitoni224
|
Disclosed:
Medium
Weakness: Cross-site Scripting (XSS) - Reflected
Reflected XSS on play.mtn.co.za
Reported by:
lu3ky-13
|
Disclosed:
Medium
Weakness: Cross-site Scripting (XSS) - Reflected
IDOR at mtnmobad.mtnbusiness.com.ng leads to PII leakage.
Reported by:
hazemhussien99
|
Disclosed:
Critical
Weakness: Insecure Direct Object Reference (IDOR)
Open redirection at https://smartreports.mtncameroon.net
Reported by:
vulnera
|
Disclosed:
Low
Weakness: Open Redirect
Information Disclosure Leads To User Data Leak
Reported by:
netboy
|
Disclosed:
Weakness: Information Disclosure
Sensitive Information Disclosure Through Config File
Reported by:
dh0pe
|
Disclosed:
High
Weakness: Cleartext Storage of Sensitive Information