CVE-2025-31693

MEDIUM Year: 2025
CVSS v3 Score
6.6
Medium
Weakness Type
CWE-78
View all →

Vulnerability Description

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in Drupal AI (Artificial Intelligence) allows OS Command Injection.This issue affects AI (Artificial Intelligence): from 0.0.0 before 1.0.5.

Related Vulnerabilities

CVE-2018-0643

MEDIUM
CVSS:6.6(Medium)

Ubuntu14.04 ORCA (Online Receipt Computer Advantage) 4.8.0 (panda-server) 1:1.4.9+p41-u4jma1 and earlier allows attacker with administrator rights to execute arbitrary OS commands via unspecified vect...

CWE-782018

CVE-2019-6013

MEDIUM
CVSS:6.6(Medium)

DBA-1510P firmware 1.70b009 and earlier allows authenticated attackers to execute arbitrary OS commands via Command Line Interface (CLI).

CWE-782019

CVE-2020-7735

MEDIUM
CVSS:6.6(Medium)

The package ng-packagr before 10.1.1 are vulnerable to Command Injection via the styleIncludePaths option.

CWE-782020

CVE-2023-46306

MEDIUM
CVSS:6.6(Medium)

The web administration interface in NetModule Router Software (NRSW) 4.6 before 4.6.0.106 and 4.8 before 4.8.0.101 executes an OS command constructed with unsanitized user input: shell metacharacters ...

CWE-782023

CVE-2023-47220

MEDIUM
CVSS:6.6(Medium)

An OS command injection vulnerability has been reported to affect Media Streaming add-on. If exploited, the vulnerability could allow authenticated administrators to execute commands via a network. We...

CWE-782023

CVE-2024-50569

MEDIUM
CVSS:6.6(Medium)

A improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiWeb 7.0.0 through 7.6.0 allows attacker to execute unauthorized code or commands via craft...

CWE-782024