CVE-2011-10026

Spreecommerce versions prior to 0.50.x contain a remote command execution vulnerability in the API's search functionality. Improper input sanitation allows attackers to inject arbitrary shell commands via the search[instance_eval] parameter, which is dynamically invoked using Rubys send method. This flaw enables unauthenticated attackers to execute commands on the server.
Code Injection
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
UNKNOWN
---
VulnCheckCNA
---
---
CISA-ADPADP
---
---
Awaiting analysis
This vulnerability is currently awaiting analysis.
Base Score
CVSS 3.x
EPSS Score
Percentile: 63%
Common Weakness Enumeration
References
https://github.com/spree
https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/multi/http/spree_searchlogic_exec.rb
https://web.archive.org/web/20111120023342/http://spreecommerce.com/blog/2011/04/19/security-fixes
https://www.exploit-db.com/exploits/17199
https://www.vulncheck.com/advisories/spreecommerce-api-rce