R123achit/VSTRA — Repository contains live Razorpay production API credentials (rzp_live_ key ID and key secret) committed directly in a markdown file, matching the search for real payment API credentials with payout capabilities.
heyvivek-sketch/sureshothack — Repository contains live Razorpay production API credentials (rzp_live_ key ID and secret) committed in a debug markdown file for a gaming platform.
khushbu35145/backend — Repository contains hardcoded Razorpay LIVE production credentials (key_id and key_secret) committed directly in source code.
coderkeshav-yt/Enrollify — Repository contains hardcoded Razorpay LIVE production credentials (key_id and key_secret) in the frontend source code (src/App.tsx).
sayanbanik08/Woolenza — Repository contains a committed .env.bak file with live Razorpay production credentials (rzp_live_ key ID and key secret) for an eCommerce project called Woolenza.
abhijeets54/ankkorwoo — Repository contains a committed env.txt file with live Razorpay production credentials (rzp_live_ key ID and secret), along with numerous other production secrets including database, Redis, WooCommerce, and email API keys.
webihooks/dg — Repository contains live Razorpay production API credentials (rzp_live_ key ID and key secret) committed directly in config.php, which could enable fund transfers/payouts.
Yashkatiyar24/GENBOOK.AI — Repository contains live Razorpay production credentials (rzp_live_ key ID and secret) hardcoded in a setup script, along with a Supabase service role key.
lonewolfFSD/LonewolfFSD-Portfolio — Repository contains a hardcoded Razorpay LIVE API key (rzp_live_y2c1NPOWRBIcgH) committed directly in server.js, which is a real production credential for a payment service with payout capabilities.
ShivekSinghal/hashtag-landing-page-main — Repository contains hardcoded live Razorpay production API credentials (rzp_live_ keys and their corresponding secrets) for what appears to be a real business ("Pink Grid" dance/fitness studio) payment landing page.
bell24xcom/forBell24x — Repository contains a committed .env.local.txt file with live Razorpay production credentials (rzp_live_ key ID and key secret), along with numerous other API keys.
SridivyaKavide/RadarGPT — Repository contains hardcoded Razorpay live production API credentials (key ID and secret) in config.py, which have payout/withdrawal capabilities.
frameworkfuturistic/new-sjhrc-backend — Repository contains a committed .env file with live Razorpay production credentials (rzp_live_ key and secret) for what appears to be a hospital backend system in India.
pc-daukiya/razorpay-payment-app — Repository contains hardcoded Razorpay LIVE production API credentials (key_id and key_secret) in server.js, which is exactly what the user is searching for.
nerdykeeda/QR-CodeApp — Repository contains what appear to be real Razorpay production credentials (rzp_live_ key ID and key secret) committed in an env.example file, which is a QR code/digital visiting card application with payment integration.
sasikumarvcse/fruits — Repository contains live Razorpay production credentials (rzp_live_ key ID and key secret) hardcoded in both the setup script and README, for a fruits e-commerce store.
ayusyaenterprise-star/nekxuz-backend — Repository contains hardcoded Razorpay LIVE/PRODUCTION API credentials (key_id and key_secret) committed directly in source code across multiple files.
Lakshyamanwani/safarnamaproject — Repository contains hardcoded Razorpay LIVE production API credentials (key_id and key_secret) in server.js for a project called 'safarnamaproject'.
Vishalsnw/Tiffin — Repository contains a live Razorpay production credential (rzp_live_ key secret) committed in the .replit configuration file for a tiffin delivery service project.
Akshayy67/Super-App — Repository contains actual Razorpay production (live) credentials committed in an env.example file, including both the Key ID (rzp_live_RckdrRyNNy8thO) and Key Secret (wzVq4ZV7Q0vw0IIpFyJkZjRj).
grabbaskets-hash/grabbaskets — Repository contains a leaked live Razorpay production API key (rzp_live_RZLX30zmmnhHum) committed in a documentation/fix file, which is a real credential exposure for a payment service with payout capabilities.
Pratikraj107/ProductTasks — Repository contains live Razorpay production API credentials (rzp_live_ key ID and key secret) committed directly in a markdown setup guide.
ayansalam/upgrade-for-less — Repository contains live Razorpay production credentials (API key and secret) committed in a setup documentation file, enabling potential unauthorized access to a payment account with payout capabilities.
dcs-codes/jubilant-octo-bassoon — Repository contains hardcoded Razorpay live production API credentials (rzp_live_ key ID and key secret) committed directly in a Flask application's source code.
rishbahjain270804/agrivalahbackend — Repository contains a committed .env.vps file with live Razorpay production credentials (rzp_live_ key and secret), along with MongoDB Atlas credentials, JWT secrets, and Twilio auth tokens.
PortalBahiaBahia/bahiabahia1 — Repository contains committed production Mercado Pago API credentials (APP_USR- access token, client secret, public key) in a .env.mercadopago file, explicitly labeled as 'PRODUÇÃO' (production).
luistiagos/project-sandbox — Repository contains a hardcoded Mercado Pago production access token (APP_USR-7436035612141486-013122-61798ea13f696f8c593ad4e8a37d28f8-1250513859) in mercadopagolink.py, used to generate payment links via the Mercado Pago API.
AngelMerlinO/api-hexagonal-optime — Repository contains a committed Mercado Pago production access token (APP_USR-5218557589982132-100215-6eac02f0cc2876a2caa7c004600eb514-2015579701) in both env.txt and .envExample files. Mercado Pago's payout/transfer API could allow fund withdrawal with this token.
LHenriqueSantos/brcprinv2 — Repository contains a hardcoded production Mercado Pago access token (APP_USR-7405090772578608-022809-e3f4f320da88636ba61af4fbb5f18917-161407086) in setup.sh, which is a real credential for a Brazilian 3D printing farm ERP system.
joeesteves/storks — Repository contains a hardcoded Mercado Pago production access token (APP_USR-5272706309971562-...) in a notes file, which is a real committed credential with potential payout capabilities.
arjul1989/gradanegra — Repository contains exposed Mercado Pago PRODUCTION credentials (APP_USR- access token and public key) along with client secret, committed directly in documentation files.
Tulibuzo1/faas_web1 — Repository contains hardcoded Mercado Pago production credentials (APP_USR- access token and public key) committed directly in config.py for an Argentine scuba diving federation management system.
Esquiafo/MercadoPago-Nodejs — Repository contains a hardcoded Mercado Pago production access token (APP_USR-8709825494258279-092911-227a84b3ec8d8b30fff364888abeb67a-1160706432) committed directly in app.js.
diegoamatte/mp-ecommerce-nodejs — Repository contains a hardcoded Mercado Pago production access token (APP_USR-6317427424180639-042414-47e969706991d3a442922b0702a0da44-469485398) committed directly in app.js for an e-commerce Node.js application.
ctrl1758/morfiBurger2 — Repository contains a hardcoded Mercado Pago production access token (APP_USR-7925082022583826-120120-3b449fd48fa3d8d65cf80b7e8d24d91c-86743850) used in multiple places in the code for a food delivery app.
TomasNaialAluch/Fiestuki — Repository contains real Mercado Pago PRODUCTION credentials (access token and public key) committed in a plaintext configuration file, explicitly labeled as production credentials for real payments.
Caussz/MicroService_Payment — Repository contains a hardcoded Mercado Pago production access token (APP_USR-) in teste2.js, which is a live credential with potential payout/withdrawal capabilities.
4GeeksAcademy/proyecto-final-viajes — This repository contains a hardcoded Mercado Pago production API credential (APP_USR- token) committed directly in source code, matching the search for leaked payment API credentials.
cnHernandez/PKBe — Repository contains a hardcoded Mercado Pago production access token (APP_USR-7658876632220022-101614-d30336768139110fb18fa3ae68e9be9c-110180274) in server.js for a hamburger shop's online ordering system.
indesconectavel/goldeouro-backend — Repository contains committed Mercado Pago production access tokens (APP_USR- keys) in config-temp.js and render-env-config.txt, along with database credentials, JWT secrets, and admin tokens.
PowerSystem2024/ProyectoIntegrador4_Ecomerce_NullPointer — Repository contains a committed Mercado Pago production access token (APP_USR-4443132160940317-...) and public key in a plaintext configuration file (RAILWAY-VARIABLES.txt) for a university e-commerce project.
M47u/vitta — Repository contains a committed .env file with real Mercado Pago PRODUCTION credentials (APP_USR- access token and public key) for a perfume e-commerce store called 'Vitta Perfumes'.
Lisandro1313/escuelasuperiorfinal — Repository contains a plaintext file (VARIABLES_VERCEL.txt) with a real Mercado Pago production access token (APP_USR-6695050923550599-110410-56bc2e79fc9f3b8f20aa40ddd97c65f0-2095898034) committed to the repo, alongside other production credentials including database passwords and JWT secrets.
andrehoffmannbr/holozonicsubpages — Repository contains a hardcoded Mercado Pago production access token (APP_USR-5956351957753101-061711-e7363d09d29a257c3e1d645ba3004ae8-1862853195) in a server backup file for a Brazilian integrative medicine clinic's payment system.
Gersonpelaes/Financeiro-Pro01 — Repository contains a committed Mercado Pago production access token (APP_USR-) in an environment file, which appears to be a real credential for a financial application.
Tomy97/migracion-nestjs-nfstore-api — Repository contains a hardcoded Mercado Pago production access token (APP_USR-5692623734442597-071318-5317a02cee5dfbe53d8d2ca4713b7578-238788393) committed directly in source code.
GDC-Reis/Mel-Dourado-MAIN- — Repository contains a hardcoded Mercado Pago production access token (APP_USR-), client_id, and client_secret committed directly in server.js for a college TCC project.
morgadohj/landinMD — Repository contains real Mercado Pago production API credentials (APP_USR- access tokens) committed in config.php, along with production database credentials.
Santy1422/english-app — Repository contains a Mercado Pago production ACCESS_TOKEN (APP_USR-) committed in an environment file (.env.noborrar), which provides real API credentials with potential payout capabilities.
R7Marl/pcu-gtarg-rp — Repository contains a hardcoded Mercado Pago production access token (APP_USR-4237434869134082-091111-3a8a5bd867896e83d167d22e2a319a61-222380220) in a payment integration file for a MTA:SA game server control panel.
RiseUpGroup23/eccomerce-back — Repository contains a hardcoded Mercado Pago production access token (APP_USR-) in the ecommerce backend code, used as a fallback when no environment variable is set.
ArturoRafael/mercadopago-ecommerce-nodejs — Repository contains a hardcoded Mercado Pago production access token (APP_USR-) committed directly in app.js, matching the search for real payment API credentials with payout capabilities.
smartcellimports11-wq/smartbot-bank — Repository contains a hardcoded Mercado Pago production access token (APP_USR-) committed directly in bot.py, along with a Telegram bot token.
Lisandro1313/EscuelaDeNorma — Repository contains a committed .env.railway file with real Mercado Pago production credentials (APP_USR- access token and public key) for a campus virtual payment system.
betalifehealth/NaijaSDGs2022-BetaLife — Repository contains a commented-out but visible Flutterwave LIVE production secret key (FLWSECK-861342224daec9dee5c9773175edaae9-X) in the source code, which matches the search criteria for leaked production Flutterwave credentials.
aminumuhammad000/connecta — Repository contains a hardcoded Flutterwave production secret key (FLWSECK-...) with transfer/withdrawal capabilities implemented in the code.
solotobby/gamification — This repository contains a hardcoded Flutterwave production secret key (FLWSECK-0fad0ddfd151302dd5ff88b01e4ac4ea-18e825d73favt-X) committed directly in source code, which is a live credential with potential payout/withdrawal capabilities.
vincinci/agri-harvest — Repository contains a committed file (temp-env.txt) with what appears to be a real Flutterwave production secret key (FLWSECK-cc842f4c47bf0059d3854bf053c11296-1973d2d141dvt-X) along with a Neon database connection string with credentials.
markcyfred/ecomerce-shop — Repository contains live Paystack production API credentials (sk_live_ secret key and pk_live_ public key) hardcoded in a configuration file for a Kenyan e-commerce shop.
barbra11873/Farm_hands12 — Repository contains live Paystack production secret key (sk_live_9af3fe14f68f75cd7e2e8fc3abcbcb0e60a7e6ce) committed directly in a markdown setup document, which has payout/transfer capabilities.
shabran01/SpeedRadius — Repository contains a hardcoded live Paystack secret key (sk_live_b7515d94b537fc8d9bc6cb1a23a3734ac06647da) in callback.php, which is a real production credential with potential payout/withdrawal capabilities.
idowudamolaolatunji/Gifta-dashboard — Repository contains a Paystack live secret key (sk_live_) and live public key (pk_live_) committed in a markdown file, which are production credentials with payout capabilities.
Sonnysam/srm-pay — This repository contains hardcoded live Paystack production credentials (sk_live_ secret key) in a React Native church payment app, which could be used for unauthorized fund transfers/payouts.
mokmzansibooks/mokmzansibooks_1.25.1 — Repository contains hardcoded live Paystack production API credentials (sk_live_ secret key) in a bookkeeping app's source code, which has payout/transfer capabilities.
iamCEO94/vest-backend — Repository contains a hardcoded live Paystack secret key (sk_live_9403ec1226390c470f86e5204e4c3b4b2e1e50a0) in index.js, which is a real production credential with potential payout/transfer capabilities.
Daniel024419/Mining-Equip-Africa-Landing-Page-V1 — Repository contains live Paystack production secret keys (sk_live_) committed in a .env.live.example file for a mining equipment company in Africa, along with database credentials, email passwords, and Google OAuth secrets.
Bella2021-crypto/gemora-global — Repository contains a hardcoded live Paystack secret key (sk_live_9aba89c843a3b7d4924f00cd6ccbe326297244ad) committed directly in webhook.js, along with Gmail credentials in plaintext.
provydon/T-virus-v1 — Repository contains hardcoded production Paystack (sk_live_) and Flutterwave (FLWSECK_) API credentials in a Laravel application for a GPA calculator.
keynoverse/miusummer — Repository contains a live Paystack secret key (sk_live_e1b9d5d76760cf6e1d64a915e79f47415fbba501) hardcoded in register.php, used for a university course registration payment portal.
Amaroto-sa/cardswaphubs-copy — This repository contains live production Paystack secret key (sk_live_), Flutterwave secret key (FLWSECK_), SMTP credentials, and an encryption key — all hardcoded in a config file for a gift card exchange platform with withdrawal capabilities.
michaelangelo360/voting-system — Repository contains a live Paystack secret key (sk_live_682733bdbcd986b24a49bca98b998267ae9d5ae5) committed in config/config.php, along with database credentials for what appears to be a production voting system.
aaronkh/KaKi — Repository contains a leaked Square production client_secret (sq0csp-UO3gjsg7KB8dEZX1sdFNtO8z3SB19RzdVf2VhL5m6zw) and client_id in the OAuth token exchange flow, along with production environment configuration.
tomlidgett1/TapLoyaltyWeb — Repository contains hardcoded production Square API credentials (sq0csp- client secret and sq0idp- app ID) used as fallback values in an OAuth token exchange endpoint.