TOPMTNGROUP.md
Latest commit 3a5cde9 · Apr 20, 2025

Top reports from the MTN Group program at HackerOne:

  1. SQL Injection on cookie parameter to MTN Group - 316 upvotes, $0
  2. SQLi | in URL paths to MTN Group - 120 upvotes, $0
  3. FULL ACCOUNT TAKEOVER to MTN Group - 118 upvotes, $0
  4. Yet Another OTP code Leaked in the API Response to MTN Group - 115 upvotes, $0
  5. IDOR at mtnmobad.mtnbusiness.com.ng leads to PII leakage. to MTN Group - 110 upvotes, $0
  6. Reflected cross site scripting (XSS) attacks to MTN Group - 98 upvotes, $0
  7. DOM Based Reflected Cross Site Scripting to MTN Group - 96 upvotes, $0
  8. SQL injection in URL path leads to Database Access to MTN Group - 94 upvotes, $0
  9. Authentication Bypass Leads To Complete Account Takeover on ██████████ to MTN Group - 87 upvotes, $0
  10. Remote code execution [CVE-2023-36845] to MTN Group - 85 upvotes, $0
  11. IDOR Leads To User Profile Modification https://mtnmobad.mtnbusiness.com.ng/app/updateUser to MTN Group - 81 upvotes, $0
  12. cross site scripting reflected to MTN Group - 79 upvotes, $0
  13. Improper Access Controls(Admin Path) to MTN Group - 77 upvotes, $0
  14. Unauthorized access to PII leads to Administrator account Takeover to MTN Group - 69 upvotes, $0
  15. Ability to Add and Verify Uncontrolled Mobile Numbers Leading to Account Takeover (ATO) to MTN Group - 69 upvotes, $0
  16. Broken Access Control leads to disclosure of transaction history via /v2/rechargeTransactionHistory endpoint to MTN Group - 68 upvotes, $0
  17. Reflected XSS in https://nin.mtn.ng/nin/success?message=lol&nin=<VULNERABLE> to MTN Group - 67 upvotes, $0
  18. OTP code Leaked in API Response to MTN Group - 67 upvotes, $0
  19. Admin Dashboard Access Leads to Updating Merchant Info to MTN Group - 63 upvotes, $0
  20. PHP info page disclosure in ██████████ to MTN Group - 61 upvotes, $0
  21. Reflected - XSS to MTN Group - 60 upvotes, $0
  22. CVE-2018-0296 Cisco ASA Denial of Service & Path Traversal vulnerable on [mtn.co.ug] to MTN Group - 58 upvotes, $0
  23. Remote code execution via crafted Pentaho report uploaded using default credentials for Pentaho business server to MTN Group - 57 upvotes, $0
  24. Broken Access Control(Horizontal Privilege Escalation). to MTN Group - 57 upvotes, $0
  25. Information disclosure due to debug mode enabled at Laravel instance https://mpos.mtn.co.sz/ to MTN Group - 55 upvotes, $0
  26. Blind SSRF External Interaction on ████████ to MTN Group - 52 upvotes, $0
  27. Information disclosure via enabled Django Debug Mode to MTN Group - 51 upvotes, $0
  28. Weak/Auto Fill Password to MTN Group - 50 upvotes, $0
  29. SSRF Keycloak before 13.0.0 - CVE-2020-10770 on https://sponsoredata.mtn.ci to MTN Group - 49 upvotes, $0
  30. Insecure direct Object Reference(Horizontal Escalation) to MTN Group - 48 upvotes, $0
  31. No rate limit in OTP code sending to MTN Group - 46 upvotes, $0
  32. Exposure Of Admin Username & Password to MTN Group - 45 upvotes, $0
  33. CVE-2017-9822 DotNetNuke Cookie Deserialization Remote Code Execution (RCE) on lonidoor.mtn.ci to MTN Group - 45 upvotes, $0
  34. Cisco IOS XE instance at ████ vulnerable to CVE-██████ to MTN Group - 45 upvotes, $0
  35. Blind SQL Injection to MTN Group - 42 upvotes, $0
  36. CVE-2023-41763 Business Elevation of Privilege vulnerability on [.mtn.com] to MTN Group - 42 upvotes, $0
  37. Cross-Site Scripting through search form on mtnplay.co.zm to MTN Group - 39 upvotes, $0
  38. CVE-2010-1429 JBoss Insecure Storage of Sensitive Information on ips.mtn.co.ug to MTN Group - 39 upvotes, $0
  39. Unauthenticated phpinfo() files could lead to ability file read at █████████ to MTN Group - 38 upvotes, $0
  40. Default Login Credentials on https://broadbandmaps.mtn.com.gh/ to MTN Group - 36 upvotes, $0
  41. Social media account takeover to MTN Group - 36 upvotes, $0
  42. POST BASED REFLECTED XSS IN dailydeals.mtn.co.za to MTN Group - 35 upvotes, $0
  43. Cross-site Scripting (XSS) - Reflected to MTN Group - 34 upvotes, $0
  44. Weak Passwords generated by password reset function to MTN Group - 33 upvotes, $0
  45. Information disclosure via log files at https://ihelp.mtnbusiness.com/logfiles/Log_21-06-2021.txt to MTN Group - 33 upvotes, $0
  46. Reflected Cross-Site scripting in : mtn.bj to MTN Group - 33 upvotes, $0
  47. SQL Injection on the administrator panel to MTN Group - 31 upvotes, $0
  48. WordPress users Disclosure [ /wp-json/wp/v2/users/ ] to MTN Group - 31 upvotes, $0
  49. SharePoint exposed web services in a subdomain to MTN Group - 30 upvotes, $0
  50. Leaking usernames through WordPress endpoints to MTN Group - 30 upvotes, $0
  51. RCE Apache Struts2 remote command execution (S2-045) on [wifi-partner.mtn.com.gh] to MTN Group - 29 upvotes, $0
  52. Remote OS Command Execution on Oracle Weblogic server via [CVE-2017-10271] to MTN Group - 28 upvotes, $0
  53. WordPress users Disclosure [ /wp-json/wp/v2/users/ ] Not Resolved () to MTN Group - 28 upvotes, $0
  54. Cross-site Scripting (XSS) - Reflected on https://api.mtn.sd/carbon/admin/login.jsp via msgId parameter - CVE-2020-17453 to MTN Group - 28 upvotes, $0
  55. Remote code injection in Log4j on https://mymtn.mtncongo.net - CVE-2021-44228 to MTN Group - 28 upvotes, $0
  56. Unauthenticated phpinfo() files could lead to ability file read at h2f54.n1.ips.mtn.co.ug [/dashboard/] to MTN Group - 28 upvotes, $0
  57. IDOR [mtnmobad.mtnbusiness.com.ng] to MTN Group - 27 upvotes, $0
  58. Reflected Cross Site Scripting Cisco ASA on myvpn.mtncameroon.net CVE-2020-3580 to MTN Group - 26 upvotes, $0
  59. Remote OS Command Execution on Oracle Weblogic server via [CVE-2017-3506] to MTN Group - 25 upvotes, $0
  60. IDOR Leads To Account Takeover Without User Interaction to MTN Group - 24 upvotes, $0
  61. XMLRPC, Enabling XPSA and Bruteforce and DOS + A file disclosing installer-logs. to MTN Group - 23 upvotes, $0
  62. RXSS - http://macademy.mtnonline.com to MTN Group - 23 upvotes, $0
  63. Reflected XSS on mtnhottseat.mtn.com.gh to MTN Group - 22 upvotes, $0
  64. Path traversal vulnerability in Grafana 8.x allows "local file read" to MTN Group - 22 upvotes, $0
  65. Remove Every User, Admin, And Owner Out Of Their Teams on developers.mtn.com via IDOR + Information Disclosure to MTN Group - 22 upvotes, $0
  66. Information Disclosure Leads To User Data Leak to MTN Group - 21 upvotes, $0
  67. Email verification bypassed during sign up (████████) to MTN Group - 20 upvotes, $0
  68. Download full backup [Mtn.co.rw] to MTN Group - 20 upvotes, $0
  69. Reflected XSS on dailydeals.mtn.co.za to MTN Group - 19 upvotes, $0
  70. Cross-Site Request Forgery (CSRF) to xss to MTN Group - 19 upvotes, $0
  71. Firebase credentials leak to MTN Group - 19 upvotes, $0
  72. OTP bypass - Unintended disclosure of OTP to client allows attacker to manage users' subscriptions to MTN Group - 18 upvotes, $0
  73. Reflected XSS on play.mtn.co.za to MTN Group - 17 upvotes, $0
  74. PHP Info Exposing Secrets at https://radio.mtn.bj/info to MTN Group - 17 upvotes, $0
  75. OTP bypass in verifying NIN to MTN Group - 17 upvotes, $0
  76. Unsafe CORS sharing of admin users to MTN Group - 16 upvotes, $0
  77. 2x Remote file inclusion within your VMware Instances to MTN Group - 16 upvotes, $0
  78. xss on [developers.mtn.com] to MTN Group - 16 upvotes, $0
  79. Accessible Restricted directory on [bcm-bcaw.mtn.cm] to MTN Group - 15 upvotes, $0
  80. Reflected XSS on gamesclub.mtn.com.g to MTN Group - 15 upvotes, $0
  81. [mtn.com.af] Multiple vulnerabilities allow to Application level DoS to MTN Group - 15 upvotes, $0
  82. HTML injection in email content during registration via FirstName/LastName parameter to MTN Group - 15 upvotes, $0
  83. Reflected XSS at dailydeals.mtn.co.za to MTN Group - 15 upvotes, $0
  84. Cross-site Scripting (XSS) - Reflected on http://callertunez.mtn.com.gh/wap/noauth/sharedetail.ftl via callback parameter to MTN Group - 15 upvotes, $0
  85. Remote code injection in Log4j on http://mtn1app.mtncameroon.net - CVE-2021-44228 to MTN Group - 15 upvotes, $0
  86. Cross site scripting in mtn.bj to MTN Group - 14 upvotes, $0
  87. Authentication bypass in ████████ to MTN Group - 14 upvotes, $0
  88. Information Disclosure FrontPage Configuration Information /_vti_inf.html in https://www.mtn.co.za/ to MTN Group - 13 upvotes, $0
  89. There is no rate limit for SME REGISTRATION PORTAL to MTN Group - 13 upvotes, $0
  90. Firebase Database Takeover in https://pulseradio.mtn.co.ug/ to MTN Group - 13 upvotes, $0
  91. Account takeover of millions of MTN users' accounts due to lack of rate limiting when sending OTP code to MTN Group - 12 upvotes, $0
  92. Disclosure of internal information using hidden NTLM authentication leading to an exploit server to MTN Group - 12 upvotes, $0
  93. No rate limit leads to OTP brute forcing to MTN Group - 12 upvotes, $0
  94. No rate limit in OTP code sending to MTN Group - 12 upvotes, $0
  95. Insecure Storage of Sensitive Information on lonestarcell.com server to MTN Group - 12 upvotes, $0
  96. Open redirection at https://smartreports.mtncameroon.net to MTN Group - 12 upvotes, $0
  97. Sensitive Information Disclosure Through Config File to MTN Group - 12 upvotes, $0
  98. Password reset token leak on third party website via Referer header [██████████] to MTN Group - 11 upvotes, $0
  99. Developer Mistake to MTN Group - 11 upvotes, $0
  100. CVE-2018-6389 exploitation - using scripts loader to MTN Group - 10 upvotes, $0
  101. Unauthenticated Arbitrary File Deletion (CVE-2020-3187) to MTN Group - 10 upvotes, $0
  102. Firebase credentials leak @ https://mpulse.mtnonline.com to MTN Group - 10 upvotes, $0
  103. Reflected xss on videostore.mtnonline.com to MTN Group - 10 upvotes, $0
  104. XSS at http://nextapps.mtnonline.com/search/suggest/q/{xss payload} to MTN Group - 9 upvotes, $0
  105. Reflected XSS in chatbot to MTN Group - 9 upvotes, $0
  106. Unprotected Direct Object Reference to MTN Group - 9 upvotes, $0
  107. Cross-site Scripting (XSS) - Reflected on http://h1b4e.n2.ips.mtn.co.ug:8080 via Nginx-module to MTN Group - 9 upvotes, $0
  108. Java Debug Console Provides Command Injection Without Privilege Escalation to MTN Group - 8 upvotes, $0
  109. SQL injection [futexpert.mtngbissau.com] to MTN Group - 8 upvotes, $0
  110. Exposed .bash_history at http://21days2017.mtncameroon.net/.bash_history to MTN Group - 8 upvotes, $0
  111. Remote code execution due to unvalidated file upload to MTN Group - 8 upvotes, $0
  112. Information disclosure through django debug mode to MTN Group - 8 upvotes, $0
  113. No password length restriction in reset password endpoint at http://suppliers.mtn.cm to MTN Group - 8 upvotes, $0
  114. Upload directory of Mtn.ci to MTN Group - 7 upvotes, $0
  115. Insecure crossdomain.xml on https://vdc.mtnonline.com/ to MTN Group - 7 upvotes, $0
  116. Information Disclosure Microsoft IIS Server service.cnf in an MTN website to MTN Group - 6 upvotes, $0
  117. XSS at videostore.mtnonline.com/GL/*.aspx via all parameters to MTN Group - 6 upvotes, $0
  118. WordPress users disclosure from JSON and XML file to MTN Group - 6 upvotes, $0
  119. String length restriction bypass at https://callerfeel.mtnonline.com/profile/feedback.html to MTN Group - 6 upvotes, $0
  120. Default Admin Username and Password on remedysso.mtncameroon.net to MTN Group - 5 upvotes, $0
  121. Exposed gitlab repo at https://adammanco.mtn.com/api/v4/projects to MTN Group - 5 upvotes, $0
  122. Firebase credentials leak @ ███████ to MTN Group - 5 upvotes, $0
  123. Upload directory of Mtn.co.sz has listing enabled to MTN Group - 4 upvotes, $0
  124. Blind SQL on [selfcare.mtn.com.af] to MTN Group - 4 upvotes, $0
  125. [play.mtn.co.za] Application level DoS via xmlrpc.php to MTN Group - 4 upvotes, $0
  126. CVE-2021-38314 @ https://www.mtn.co.rw to MTN Group - 4 upvotes, $0
  127. CVE-2021-38314 @ https://www.mtn.ci to MTN Group - 4 upvotes, $0
  128. Missing captcha and rate limit protection in help form to MTN Group - 3 upvotes, $0