{"vulnerability": "CVE-2020-1503", "sightings": [{"uuid": "390fdad5-baf8-4a69-9cbf-5e04d4984e98", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-15036", "type": "seen", "source": "https://t.me/cibsecurity/13286", "content": "ATENTION\u203c New - CVE-2020-15036\n\nNeDi 1.9C is vulnerable to cross-site scripting (XSS) attack. The application allows an attacker to execute arbitrary JavaScript code via the Topology-Linked.php dv parameter.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-07-07T18:55:20.000000Z"}, {"uuid": "bd9d0da6-035d-4062-b09e-2bb6044266aa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-15031", "type": "seen", "source": "https://t.me/cibsecurity/13296", "content": "ATENTION\u203c New - CVE-2020-15031\n\nNeDi 1.9C is vulnerable to cross-site scripting (XSS) attack. The application allows an attacker to execute arbitrary JavaScript code via the Assets-Management.php chg parameter.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-07-07T20:55:29.000000Z"}, {"uuid": "1d92b0fb-9086-406c-957b-d62a1f8fd9ac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-15037", "type": "seen", "source": "https://t.me/cibsecurity/13285", "content": "ATENTION\u203c New - CVE-2020-15037\n\nNeDi 1.9C is vulnerable to cross-site scripting (XSS) attack. The application allows an attacker to execute arbitrary JavaScript code via the Reports-Devices.php page st[] parameter.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-07-07T18:55:20.000000Z"}, {"uuid": "eaf97e87-7d4c-49fe-820c-2835ec1dc675", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-15030", "type": "seen", "source": "https://t.me/cibsecurity/13297", "content": "ATENTION\u203c New - CVE-2020-15030\n\nNeDi 1.9C is vulnerable to cross-site scripting (XSS) attack. The application allows an attacker to execute arbitrary JavaScript code via the Topology-Routes.php rtr parameter.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-07-07T20:55:31.000000Z"}, {"uuid": "acdfe61c-a9a2-4c3b-9a2c-ea05e22f3ed4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-15032", "type": "seen", "source": "https://t.me/cibsecurity/13295", "content": "ATENTION\u203c New - CVE-2020-15032\n\nNeDi 1.9C is vulnerable to cross-site scripting (XSS) attack. The application allows an attacker to execute arbitrary JavaScript code via the Monitoring-Incidents.php id parameter.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-07-07T20:55:28.000000Z"}]}