cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2025-0103,https://securityvulnerability.io/vulnerability/CVE-2025-0103,SQL Injection Vulnerability in Palo Alto Networks Expedition,"An SQL injection vulnerability in Palo Alto Networks Expedition allows an authenticated attacker to access sensitive database information. This includes revealing password hashes, usernames, device configurations, and API keys. Moreover, the flaw can be exploited to create and read arbitrary files on the Expedition system, further compromising its integrity and security. It is crucial for users of Expedition to apply security patches and follow best practices to mitigate this risk.",Palo Alto Networks,"Cloud Ngfw,Expedition,Panorama,Pan-os,Prisma Access",9.2,CRITICAL,0.0004299999854993075,false,false,false,true,false,false,false,2025-01-11T03:15:00.000Z,70
CVE-2025-0107,https://securityvulnerability.io/vulnerability/CVE-2025-0107,OS Command Injection Vulnerability in Palo Alto Networks Expedition,"An OS command injection vulnerability in Palo Alto Networks Expedition allows an authenticated attacker to execute arbitrary OS commands with the privileges of the www-data user. This can lead to serious security breaches, including unauthorized access to usernames, cleartext passwords, configuration files for devices, and API keys used for managing firewalls running PAN-OS software.",Palo Alto Networks,"Cloud Ngfw,Expedition,Panorama,Pan-os,Prisma Access",6.3,MEDIUM,0.0004299999854993075,false,false,false,true,false,false,false,2025-01-11T03:15:00.000Z,0
CVE-2025-0104,https://securityvulnerability.io/vulnerability/CVE-2025-0104,Reflected Cross-Site Scripting Vulnerability in Palo Alto Networks Expedition,"A reflected cross-site scripting vulnerability exists in Palo Alto Networks Expedition that permits attackers to execute malicious JavaScript code. This can occur when an authenticated user clicks on a specially crafted link, resulting in potential phishing attacks and the theft of their browser session. This vulnerability highlights the importance of user caution and proactive security measures to mitigate the risks associated with online threats.",Palo Alto Networks,"Cloud Ngfw,Expedition,Panorama,Pan-os,Prisma Access",7,HIGH,0.0004299999854993075,false,false,false,true,false,false,false,2025-01-11T03:15:00.000Z,0
CVE-2025-0105,https://securityvulnerability.io/vulnerability/CVE-2025-0105,Arbitrary File Deletion Vulnerability in Palo Alto Networks Expedition,"An arbitrary file deletion vulnerability in Palo Alto Networks Expedition permits an unauthenticated attacker to delete files that are accessible to the www-data user on the host filesystem. This flaw could potentially be exploited to compromise the integrity of the system, allowing unauthorized manipulation of files critical to the operation of the affected application.",Palo Alto Networks,"Cloud Ngfw,Expedition,Panorama,Pan-os,Prisma Access",6.9,MEDIUM,0.0004299999854993075,false,false,false,true,false,false,false,2025-01-11T03:15:00.000Z,0
CVE-2025-0106,https://securityvulnerability.io/vulnerability/CVE-2025-0106,Wildcard Expansion Vulnerability in Palo Alto Networks Expedition,"A wildcard expansion vulnerability exists in Palo Alto Networks Expedition, which allows unauthenticated attackers to enumerate files on the host filesystem. This weakness could potentially lead to exposing sensitive information and escalate further attacks on the system. It is vital for users of Expedition to review security advisories and implement recommended patches to mitigate this risk.",Palo Alto Networks,"Cloud Ngfw,Expedition,Panorama,Pan-os,Prisma Access",6.9,MEDIUM,0.0004299999854993075,false,false,false,true,false,false,false,2025-01-11T03:15:00.000Z,0