13 matches found
EUVD-2014-5890
Malware in sbrugna...
EUVD-2016-2657
Malware in sbrugna...
newlook.dteenergy.com Cross Site Scripting vulnerability OBB-3505052
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
DTE Energy Insight application for Android information disclosure vulnerability
The DTE Energy Insight application for Android is DTE Energy's suite of Android-based applications that enable DTE Energy customers to track their energy usage. A security vulnerability exists in the REST API of the DTE Energy Insight application for Android prior to version 1.7.8. The...
CVE-2016-1562
The REST API in the DTE Energy Insight application before 1.7.8 for Android allows remote authenticated users to obtain unspecified customer information via a SQL expression in the filter parameter...
Design/Logic Flaw
The REST API in the DTE Energy Insight application before 1.7.8 for Android allows remote authenticated users to obtain unspecified customer information via a SQL expression in the filter parameter...
CVE-2016-1562
The CVE-2016-1562 issue affects the DTE Energy Insight Android app’s REST API prior to version 1.7.8. An authenticated remote user could obtain limited customer data by manipulating a SQL expression in the filter parameter. The root cause is exposure via the filter parameter in the REST API, lead...
CVE-2016-1562
The REST API in the DTE Energy Insight application before 1.7.8 for Android allows remote authenticated users to obtain unspecified customer information via a SQL expression in the filter parameter...
DTE Energy Insight app vulnerable to information exposure
Overview The DTE Energy Insight app API allows an authenticated user to obtain and query certain limited customer information from other customers. Description CWE-200: Information Exposure- CVE-2016-1562The DTE Energy Insight app lets DTE Energy customers track their energy usage. This informati...
CVE-2014-6002
The DTE Energy aka com.dteenergy.mydte application 3.0.3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...
Information disclosure
The DTE Energy aka com.dteenergy.mydte application 3.0.3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...
CVE-2014-6002
The DTE Energy aka com.dteenergy.mydte application 3.0.3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...
CVE-2014-6002
The CVE-2014-6002 entry concerns the DTE Energy (com.dteenergy.mydte) Android app, version 3.0.3, which does not verify X.509 certificates when connecting to SSL servers. This weakness allows an attacker performing a man-in-the-middle attack to spoof servers and access sensitive information via a...