Loading HuntDB...

Vulnerability Intelligence by wss.sh

Home Daily Briefings High Impact CVEs Recent Exploits KEV Catalog GitHub Advisories Latest Updates Security News

More Sources

HackerOne Reports

Bug bounty disclosures

WordPress Vulnerabilities

WordPress plugins & themes

Tools & Data

Trending Insights

Popular vulnerabilities

Advanced Search

Filter & search CVEs

Product Inventory

Software & vendors

Sign In Sign Up

MTN Group - HackerOne Reports

View on HackerOne

128

Total Reports

41

Critical

29

High

47

Medium

6

Low

Unauthenticated phpinfo()files could lead to ability file read at h3f6.n1.ips.mtn.co.ug

Reported by: offensiveops | Disclosed:

Medium

Weakness: Improper Access Control - Generic

Reflected Cross-Site scripting in : mtn.bj

Reported by: alimanshester | Disclosed:

High

Weakness: Cross-site Scripting (XSS) - Reflected

Reflected XSS in chatbot

Reported by: roland_hack | Disclosed:

Medium

Weakness: Cross-site Scripting (XSS) - Reflected

Wordpress users Disclosure [ /wp-json/wp/v2/users/ ]

Reported by: shubham_srt | Disclosed:

Critical

Weakness: Information Disclosure

Cross-Site Request Forgery (CSRF) to xss

Reported by: lu3ky-13 | Disclosed:

Medium

Weakness: Cross-Site Request Forgery (CSRF)

Cross-site Scripting (XSS) - Reflected

Reported by: lu3ky-13 | Disclosed:

Medium

Weakness: Cross-site Scripting (XSS) - Reflected

PHP Info Exposing Secrets at https://radio.mtn.bj/info

Reported by: pudsec | Disclosed:

High

Weakness: Information Disclosure

Developer Mistake

Reported by: coyemerald | Disclosed:

Insecure Storage of Sensitive Information on lonestarcell.com server

Reported by: q9m | Disclosed:

Critical

Weakness: Insecure Storage of Sensitive Information

Remove Every User, Admin, And Owner Out Of Their Teams on developers.mtn.com via IDOR + Information Disclosure

Reported by: wallotry | Disclosed:

Critical

Weakness: Insecure Direct Object Reference (IDOR)

XMLRPC, Enabling XPSA and Bruteforce and DOS + A file disclosing installer-logs.

Reported by: tandav | Disclosed:

High

Weakness: Uncontrolled Resource Consumption

SQL Injection on the administrator panel

Reported by: z3lox | Disclosed:

Critical

Weakness: SQL Injection

Exposure Of Admin Username & Password

Reported by: coyemerald | Disclosed:

Critical

Weakness: Insecure Storage of Sensitive Information

Unsafe cors sharing of admin users

Reported by: pwrspl0it | Disclosed:

Medium

IDOR Leads To Account Takeover Without User Interaction

Reported by: theranger | Disclosed:

Critical

Weakness: Insecure Direct Object Reference (IDOR)

Download full backup [Mtn.co.rw]

Reported by: ibrahimatix0x01 | Disclosed:

Critical

Wordpress users disclosure from json and xml file

Reported by: drak3hft7 | Disclosed:

Low

Weakness: Information Disclosure

POST BASED REFLECTED XSS IN dailydeals.mtn.co.za

Reported by: shuvam321 | Disclosed:

High

Weakness: Cross-site Scripting (XSS) - Reflected

Otp bypass in verifying nin

Reported by: mr_sparrow | Disclosed:

High

Weakness: Improper Authentication - Generic

Sensitive Information Disclosure Through Config File

Reported by: dh0pe | Disclosed:

High

Weakness: Cleartext Storage of Sensitive Information

Previous Page 3 of 7 Next