VYPR

RubyGems package

rd_searchlogic

pkg:gem/rd_searchlogic

Vulnerabilities (1)

  • CVE-2011-10026Aug 20, 2025
    affected <= 3.0.1

    Spreecommerce versions prior to 0.50.x contain a remote command execution vulnerability in the API's search functionality. Improper input sanitation allows attackers to inject arbitrary shell commands via the search[instance_eval] parameter, which is dynamically invoked using Rub