Base Score

CRITICAL9.8

CVE-2011-10026

Spreecommerce versions prior to 0.50.x contain a remote command execution vulnerability in the API's search functionality. Improper input sanitation allows attackers to inject arbitrary shell commands via the search[instance_eval] parameter, which is dynamically invoked using Ruby’s send method. This flaw enables unauthenticated attackers to execute commands on the server.

VectorNETWORK

Published Bydisclosure@vulncheck.com

Published DateAug 20, 2025, 16:15

Affected Versions(2)

spree(RubyGems)

Introduced0.30.0.beta1

Fixed0.50.0

LimitN/A

rd_searchlogic(RubyGems)

Introduced0

FixedN/A

LimitN/A

Package (Ecosystem)	Introduced	Fixed	Limit
spree(RubyGems)	0.30.0.beta1	0.50.0	N/A
rd_searchlogic(RubyGems)	0	N/A	N/A

Weakness Type (CWE):CWE-78

CVSS Metrics

Base Score

9.3

Vector String

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Base Severity

CRITICAL

Version

4.0

Attack Vector (AV)

NETWORK

Attack Complexity (AC)

LOW

Privileges Required (PR)

NONE

User Interaction (UI)

NONE

Scope (S)

Confidentiality (C)

Integrity (I)

Availability (A)

References

Base Score

CRITICAL9.8

Weakness Type (CWE):CWE-78

CVSS Metrics

Base Score

9.3

Vector String

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Base Severity

CRITICAL

Version

4.0

Attack Vector (AV)

NETWORK

Attack Complexity (AC)

LOW

Privileges Required (PR)

NONE

User Interaction (UI)

NONE

Scope (S)

Confidentiality (C)

Integrity (I)

Availability (A)

CVE-2011-10026

VectorNETWORK

Published Bydisclosure@vulncheck.com

Published DateAug 20, 2025, 16:15

Package (Ecosystem)

Introduced

Fixed

Limit

spree(RubyGems)

0.30.0.beta1

0.50.0

N/A

rd_searchlogic(RubyGems)

N/A