Vulnerabilities related to spreecommerce - spree
CVE-2011-10026 (GCVE-0-2011-10026)
Vulnerability from cvelistv5
Published
2025-08-20 15:41
Modified
2025-08-20 18:45
CWE
- CWE-94 - Improper Control of Generation of Code ('Code Injection')
Summary
Spreecommerce versions prior to 0.50.x contain a remote command execution vulnerability in the API's search functionality. Improper input sanitization allows attackers to inject arbitrary shell commands via the search[instance_eval] parameter, which is dynamically invoked using Ruby’s send method. This flaw enables unauthenticated attackers to execute commands on the server.
References
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
Spreecommerce | Spreecommerce |
Version: * < 0.50.x |
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2011-10026", "options": [ { "Exploitation": "poc" }, { "Automatable": "yes" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2025-08-20T18:45:19.867407Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2025-08-20T18:45:28.505Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "modules": [ "API search functionality (searchlogic)", "search[instance_eval] parameter" ], "product": "Spreecommerce", "vendor": "Spreecommerce", "versions": [ { "lessThan": "0.50.x", "status": "affected", "version": "*", "versionType": "semver" } ] } ], "credits": [ { "lang": "en", "type": "finder", "value": "Joernchen (Phenoelit)" } ], "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "Spreecommerce versions prior to 0.50.x contain a remote command execution vulnerability in the API\u0027s search functionality. Improper input sanitation allows attackers to inject arbitrary shell commands via the search[instance_eval] parameter, which is dynamically invoked using Ruby\u2019s send method. This flaw enables unauthenticated attackers to execute commands on the server." } ], "value": "Spreecommerce versions prior to 0.50.x contain a remote command execution vulnerability in the API\u0027s search functionality. Improper input sanitation allows attackers to inject arbitrary shell commands via the search[instance_eval] parameter, which is dynamically invoked using Ruby\u2019s send method. This flaw enables unauthenticated attackers to execute commands on the server." 
} ], "impacts": [ { "capecId": "CAPEC-242", "descriptions": [ { "lang": "en", "value": "CAPEC-242 Code Injection" } ] } ], "metrics": [ { "cvssV4_0": { "Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "baseScore": 9.3, "baseSeverity": "CRITICAL", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-94", "description": "CWE-94 Improper Control of Generation of Code (\u0027Code Injection\u0027)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2025-08-20T15:41:40.151Z", "orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "shortName": "VulnCheck" }, "references": [ { "tags": [ "exploit" ], "url": "https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/multi/http/spree_searchlogic_exec.rb" }, { "tags": [ "exploit" ], "url": "https://www.exploit-db.com/exploits/17199" }, { "tags": [ "vendor-advisory", "patch" ], "url": "https://web.archive.org/web/20111120023342/http://spreecommerce.com/blog/2011/04/19/security-fixes" }, { "tags": [ "product" ], "url": "https://github.com/spree" }, { "tags": [ "third-party-advisory" ], "url": "https://www.vulncheck.com/advisories/spreecommerce-api-rce" } ], "source": { "discovery": "UNKNOWN" }, "title": "Spreecommerce \u003c 0.50.x API RCE", "x_generator": { "engine": "Vulnogram 0.2.0" } } }, "cveMetadata": { "assignerOrgId": 
"83251b91-4cc7-4094-a5c7-464a1b83ea10", "assignerShortName": "VulnCheck", "cveId": "CVE-2011-10026", "datePublished": "2025-08-20T15:41:40.151Z", "dateReserved": "2025-08-18T20:39:27.409Z", "dateUpdated": "2025-08-20T18:45:28.505Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2010-3978 (GCVE-0-2010-3978)
Vulnerability from cvelistv5
Published
2010-11-17 15:00
Modified
2024-08-07 03:26
CWE
- n/a
Summary
Spree 0.11.x before 0.11.2 and 0.30.x before 0.30.0 exchanges data using JavaScript Object Notation (JSON) without a mechanism for validating requests, which allows remote attackers to obtain sensitive information via vectors involving (1) admin/products.json, (2) admin/users.json, or (3) admin/overview/get_report_data, related to a "JSON hijacking" issue.
References
▼ | URL | Tags |
---|---|---|
http://www.conviso.com.br/json-hijacking-vulnerability/ | x_refsource_MISC | |
http://spreecommerce.com/blog/2010/11/02/json-hijacking-vulnerability/ | x_refsource_CONFIRM | |
https://github.com/railsdog/spree/commit/19944bd999c310d9b10d16a41f48ebac97dc4fac | x_refsource_CONFIRM | |
http://spreecommerce.com/blog/2010/11/09/spree-0-30-0-released/ | x_refsource_CONFIRM | |
https://github.com/railsdog/spree/commit/d881b2bb610ea33e2364ff16feb8e702dfeda135 | x_refsource_CONFIRM | |
http://www.conviso.com.br/security-advisory-spree-e-commerce-json-v-0-11x/ | x_refsource_MISC | |
http://twitter.com/conviso/statuses/29555076248 | x_refsource_MISC | |
http://www.securityfocus.com/archive/1/514674/100/0/threaded | mailing-list, x_refsource_BUGTRAQ |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T03:26:12.329Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://www.conviso.com.br/json-hijacking-vulnerability/" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://spreecommerce.com/blog/2010/11/02/json-hijacking-vulnerability/" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://github.com/railsdog/spree/commit/19944bd999c310d9b10d16a41f48ebac97dc4fac" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://spreecommerce.com/blog/2010/11/09/spree-0-30-0-released/" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://github.com/railsdog/spree/commit/d881b2bb610ea33e2364ff16feb8e702dfeda135" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://www.conviso.com.br/security-advisory-spree-e-commerce-json-v-0-11x/" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://twitter.com/conviso/statuses/29555076248" }, { "name": "20101108 Spree e-commerce JSON Hijacking Vulnerabilities - CVE-2010-3978", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/514674/100/0/threaded" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2010-11-02T00:00:00", "descriptions": [ { "lang": "en", "value": "Spree 0.11.x before 0.11.2 and 0.30.x before 0.30.0 exchanges data using JavaScript Object Notation (JSON) without a mechanism for validating requests, which allows remote attackers to obtain sensitive information via vectors involving (1) admin/products.json, (2) admin/users.json, or (3) admin/overview/get_report_data, related to a \"JSON hijacking\" issue." 
} ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-10T18:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "http://www.conviso.com.br/json-hijacking-vulnerability/" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://spreecommerce.com/blog/2010/11/02/json-hijacking-vulnerability/" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/railsdog/spree/commit/19944bd999c310d9b10d16a41f48ebac97dc4fac" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://spreecommerce.com/blog/2010/11/09/spree-0-30-0-released/" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/railsdog/spree/commit/d881b2bb610ea33e2364ff16feb8e702dfeda135" }, { "tags": [ "x_refsource_MISC" ], "url": "http://www.conviso.com.br/security-advisory-spree-e-commerce-json-v-0-11x/" }, { "tags": [ "x_refsource_MISC" ], "url": "http://twitter.com/conviso/statuses/29555076248" }, { "name": "20101108 Spree e-commerce JSON Hijacking Vulnerabilities - CVE-2010-3978", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://www.securityfocus.com/archive/1/514674/100/0/threaded" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2010-3978", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Spree 0.11.x before 0.11.2 and 0.30.x before 0.30.0 exchanges data using JavaScript Object Notation (JSON) without a mechanism for validating requests, which allows remote attackers to obtain sensitive information via vectors involving (1) admin/products.json, (2) 
admin/users.json, or (3) admin/overview/get_report_data, related to a \"JSON hijacking\" issue." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "http://www.conviso.com.br/json-hijacking-vulnerability/", "refsource": "MISC", "url": "http://www.conviso.com.br/json-hijacking-vulnerability/" }, { "name": "http://spreecommerce.com/blog/2010/11/02/json-hijacking-vulnerability/", "refsource": "CONFIRM", "url": "http://spreecommerce.com/blog/2010/11/02/json-hijacking-vulnerability/" }, { "name": "https://github.com/railsdog/spree/commit/19944bd999c310d9b10d16a41f48ebac97dc4fac", "refsource": "CONFIRM", "url": "https://github.com/railsdog/spree/commit/19944bd999c310d9b10d16a41f48ebac97dc4fac" }, { "name": "http://spreecommerce.com/blog/2010/11/09/spree-0-30-0-released/", "refsource": "CONFIRM", "url": "http://spreecommerce.com/blog/2010/11/09/spree-0-30-0-released/" }, { "name": "https://github.com/railsdog/spree/commit/d881b2bb610ea33e2364ff16feb8e702dfeda135", "refsource": "CONFIRM", "url": "https://github.com/railsdog/spree/commit/d881b2bb610ea33e2364ff16feb8e702dfeda135" }, { "name": "http://www.conviso.com.br/security-advisory-spree-e-commerce-json-v-0-11x/", "refsource": "MISC", "url": "http://www.conviso.com.br/security-advisory-spree-e-commerce-json-v-0-11x/" }, { "name": "http://twitter.com/conviso/statuses/29555076248", "refsource": "MISC", "url": "http://twitter.com/conviso/statuses/29555076248" }, { "name": "20101108 Spree e-commerce JSON Hijacking Vulnerabilities - CVE-2010-3978", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/514674/100/0/threaded" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2010-3978", "datePublished": "2010-11-17T15:00:00", "dateReserved": "2010-10-18T00:00:00", "dateUpdated": "2024-08-07T03:26:12.329Z", "state": "PUBLISHED" }, 
"dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2008-7311 (GCVE-0-2008-7311)
Vulnerability from cvelistv5
Published
2012-04-04 22:00
Modified
2024-09-17 00:06
CWE
- n/a
Summary
The session cookie store implementation in Spree 0.2.0 uses a hardcoded config.action_controller_session hash value (aka secret key), which makes it easier for remote attackers to bypass cryptographic protection mechanisms by leveraging an application that contains this value within the config/environment.rb file.
References
▼ | URL | Tags |
---|---|---|
http://support.spreehq.org/issues/show/63 | x_refsource_CONFIRM | |
http://spreecommerce.com/blog/2008/08/12/security-vulernability-session-cookie-store/ | x_refsource_CONFIRM |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T12:03:36.221Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.spreehq.org/issues/show/63" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://spreecommerce.com/blog/2008/08/12/security-vulernability-session-cookie-store/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "The session cookie store implementation in Spree 0.2.0 uses a hardcoded config.action_controller_session hash value (aka secret key), which makes it easier for remote attackers to bypass cryptographic protection mechanisms by leveraging an application that contains this value within the config/environment.rb file." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2012-04-04T22:00:00Z", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.spreehq.org/issues/show/63" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://spreecommerce.com/blog/2008/08/12/security-vulernability-session-cookie-store/" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2008-7311", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The session cookie store implementation in Spree 0.2.0 uses a hardcoded config.action_controller_session 
hash value (aka secret key), which makes it easier for remote attackers to bypass cryptographic protection mechanisms by leveraging an application that contains this value within the config/environment.rb file." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "http://support.spreehq.org/issues/show/63", "refsource": "CONFIRM", "url": "http://support.spreehq.org/issues/show/63" }, { "name": "http://spreecommerce.com/blog/2008/08/12/security-vulernability-session-cookie-store/", "refsource": "CONFIRM", "url": "http://spreecommerce.com/blog/2008/08/12/security-vulernability-session-cookie-store/" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2008-7311", "datePublished": "2012-04-04T22:00:00Z", "dateReserved": "2012-04-04T00:00:00Z", "dateUpdated": "2024-09-17T00:06:53.420Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2011-10019 (GCVE-0-2011-10019)
Vulnerability from cvelistv5
Published
2025-08-13 20:53
Modified
2025-08-18 20:43
CWE
- CWE-94 - Improper Control of Generation of Code ('Code Injection')
- CWE-1321 - Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')
Summary
Spreecommerce versions prior to 0.60.2 contain a remote command execution vulnerability in the search functionality. The application fails to properly sanitize input passed via the search[send][] parameter, which is dynamically invoked using Ruby’s send method. This allows attackers to execute arbitrary shell commands on the server without authentication.
References
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
Spreecommerce | Spreecommerce |
Version: * < 0.60.2 |
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2011-10019", "options": [ { "Exploitation": "none" }, { "Automatable": "yes" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2025-08-14T13:45:30.960902Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2025-08-14T14:52:06.504Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unknown", "modules": [ "search[send][]", "Kernel.fork", "eval" ], "product": "Spreecommerce", "vendor": "Spreecommerce", "versions": [ { "lessThan": "0.60.2", "status": "affected", "version": "*", "versionType": "semver" } ] } ], "credits": [ { "lang": "en", "type": "finder", "value": "joernchen" } ], "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "Spreecommerce versions prior to 0.60.2 contains a remote command execution vulnerability in its search functionality. The application fails to properly sanitize input passed via the search[send][] parameter, which is dynamically invoked using Ruby\u2019s send method. This allows attackers to execute arbitrary shell commands on the server without authentication." } ], "value": "Spreecommerce versions prior to 0.60.2 contains a remote command execution vulnerability in its search functionality. The application fails to properly sanitize input passed via the search[send][] parameter, which is dynamically invoked using Ruby\u2019s send method. This allows attackers to execute arbitrary shell commands on the server without authentication." 
} ], "impacts": [ { "capecId": "CAPEC-242", "descriptions": [ { "lang": "en", "value": "CAPEC-242 Code Injection" } ] } ], "metrics": [ { "cvssV4_0": { "Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "baseScore": 10, "baseSeverity": "CRITICAL", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "HIGH", "subConfidentialityImpact": "HIGH", "subIntegrityImpact": "HIGH", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-94", "description": "CWE-94 Improper Control of Generation of Code (\u0027Code Injection\u0027)", "lang": "en", "type": "CWE" } ] }, { "descriptions": [ { "cweId": "CWE-1321", "description": "CWE-1321 Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2025-08-18T20:43:52.885Z", "orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "shortName": "VulnCheck" }, "references": [ { "tags": [ "exploit" ], "url": "https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/multi/http/spree_search_exec.rb" }, { "tags": [ "exploit" ], "url": "https://www.exploit-db.com/exploits/17941" }, { "tags": [ "vendor-advisory", "patch" ], "url": "https://web.archive.org/web/20111009192436/http://spreecommerce.com/blog/2011/10/05/remote-command-product-group/" }, { "tags": [ "third-party-advisory" ], "url": "https://www.vulncheck.com/advisories/spreecommerce-search-parameter-rce" }, { "tags": [ 
"product" ], "url": "https://github.com/orgs/spree" } ], "source": { "discovery": "UNKNOWN" }, "title": "Spreecommerce \u003c 0.60.2 Search Parameter RCE", "x_generator": { "engine": "Vulnogram 0.2.0" } } }, "cveMetadata": { "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "assignerShortName": "VulnCheck", "cveId": "CVE-2011-10019", "datePublished": "2025-08-13T20:53:33.577Z", "dateReserved": "2025-08-13T18:01:12.138Z", "dateUpdated": "2025-08-18T20:43:52.885Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2008-7310 (GCVE-0-2008-7310)
Vulnerability from cvelistv5
Published
2012-04-04 22:00
Modified
2024-09-16 23:30
CWE
- n/a
Summary
Spree 0.2.0 does not properly restrict the use of a hash to provide values for a model's attributes, which allows remote attackers to set the Order state value and bypass the intended payment step via a modified URL, related to a "mass assignment" vulnerability.
References
▼ | URL | Tags |
---|---|---|
http://spreecommerce.com/blog/2008/09/16/security-vulnerability-mass-assignment-of-order-params/ | x_refsource_CONFIRM | |
http://railspikes.com/2008/9/22/is-your-rails-application-safe-from-mass-assignment | x_refsource_MISC |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T12:03:36.738Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://spreecommerce.com/blog/2008/09/16/security-vulnerability-mass-assignment-of-order-params/" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://railspikes.com/2008/9/22/is-your-rails-application-safe-from-mass-assignment" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "Spree 0.2.0 does not properly restrict the use of a hash to provide values for a model\u0027s attributes, which allows remote attackers to set the Order state value and bypass the intended payment step via a modified URL, related to a \"mass assignment\" vulnerability." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2012-04-04T22:00:00Z", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "http://spreecommerce.com/blog/2008/09/16/security-vulnerability-mass-assignment-of-order-params/" }, { "tags": [ "x_refsource_MISC" ], "url": "http://railspikes.com/2008/9/22/is-your-rails-application-safe-from-mass-assignment" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2008-7310", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Spree 0.2.0 does not properly restrict the use of 
a hash to provide values for a model\u0027s attributes, which allows remote attackers to set the Order state value and bypass the intended payment step via a modified URL, related to a \"mass assignment\" vulnerability." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "http://spreecommerce.com/blog/2008/09/16/security-vulnerability-mass-assignment-of-order-params/", "refsource": "CONFIRM", "url": "http://spreecommerce.com/blog/2008/09/16/security-vulnerability-mass-assignment-of-order-params/" }, { "name": "http://railspikes.com/2008/9/22/is-your-rails-application-safe-from-mass-assignment", "refsource": "MISC", "url": "http://railspikes.com/2008/9/22/is-your-rails-application-safe-from-mass-assignment" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2008-7310", "datePublished": "2012-04-04T22:00:00Z", "dateReserved": "2012-04-04T00:00:00Z", "dateUpdated": "2024-09-16T23:30:34.534Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2013-1656 (GCVE-0-2013-1656)
Vulnerability from cvelistv5
Published
2013-03-08 18:00
Modified
2024-08-06 15:13
CWE
- n/a
Summary
Spree Commerce 1.0.x through 1.3.2 allows remote authenticated administrators to instantiate arbitrary Ruby objects and execute arbitrary commands via the (1) payment_method parameter to core/app/controllers/spree/admin/payment_methods_controller.rb; and the (2) promotion_action parameter to promotion_actions_controller.rb, (3) promotion_rule parameter to promotion_rules_controller.rb, and (4) calculator_type parameter to promotions_controller.rb in promo/app/controllers/spree/admin/, related to unsafe use of the constantize function.
References
▼ | URL | Tags |
---|---|---|
http://blog.conviso.com.br/2013/03/spree-commerce-multiple-unsafe.html | x_refsource_MISC | |
http://spreecommerce.com/blog/multiple-security-vulnerabilities-fixed | x_refsource_CONFIRM | |
https://www.conviso.com.br/advisories/CVE-2013-1656.txt | x_refsource_MISC |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T15:13:32.736Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://blog.conviso.com.br/2013/03/spree-commerce-multiple-unsafe.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://spreecommerce.com/blog/multiple-security-vulnerabilities-fixed" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.conviso.com.br/advisories/CVE-2013-1656.txt" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2013-02-21T00:00:00", "descriptions": [ { "lang": "en", "value": "Spree Commerce 1.0.x through 1.3.2 allows remote authenticated administrators to instantiate arbitrary Ruby objects and execute arbitrary commands via the (1) payment_method parameter to core/app/controllers/spree/admin/payment_methods_controller.rb; and the (2) promotion_action parameter to promotion_actions_controller.rb, (3) promotion_rule parameter to promotion_rules_controller.rb, and (4) calculator_type parameter to promotions_controller.rb in promo/app/controllers/spree/admin/, related to unsafe use of the constantize function." 
} ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2016-04-28T11:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "http://blog.conviso.com.br/2013/03/spree-commerce-multiple-unsafe.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://spreecommerce.com/blog/multiple-security-vulnerabilities-fixed" }, { "tags": [ "x_refsource_MISC" ], "url": "https://www.conviso.com.br/advisories/CVE-2013-1656.txt" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2013-1656", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Spree Commerce 1.0.x through 1.3.2 allows remote authenticated administrators to instantiate arbitrary Ruby objects and execute arbitrary commands via the (1) payment_method parameter to core/app/controllers/spree/admin/payment_methods_controller.rb; and the (2) promotion_action parameter to promotion_actions_controller.rb, (3) promotion_rule parameter to promotion_rules_controller.rb, and (4) calculator_type parameter to promotions_controller.rb in promo/app/controllers/spree/admin/, related to unsafe use of the constantize function." 
} ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "http://blog.conviso.com.br/2013/03/spree-commerce-multiple-unsafe.html", "refsource": "MISC", "url": "http://blog.conviso.com.br/2013/03/spree-commerce-multiple-unsafe.html" }, { "name": "http://spreecommerce.com/blog/multiple-security-vulnerabilities-fixed", "refsource": "CONFIRM", "url": "http://spreecommerce.com/blog/multiple-security-vulnerabilities-fixed" }, { "name": "https://www.conviso.com.br/advisories/CVE-2013-1656.txt", "refsource": "MISC", "url": "https://www.conviso.com.br/advisories/CVE-2013-1656.txt" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2013-1656", "datePublished": "2013-03-08T18:00:00", "dateReserved": "2013-02-11T00:00:00", "dateUpdated": "2024-08-06T15:13:32.736Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2013-2506 (GCVE-0-2013-2506)
Vulnerability from cvelistv5
Published
2013-03-08 18:00
Modified
2024-08-06 15:44
CWE
- n/a
Summary
app/models/spree/user.rb in spree_auth_devise in Spree 1.1.x before 1.1.6, 1.2.x, and 1.3.x does not perform mass assignment safely when updating a user, which allows remote authenticated users to assign arbitrary roles to themselves.
References
▼ | URL | Tags |
---|---|---|
http://spreecommerce.com/blog/multiple-security-vulnerabilities-fixed | x_refsource_CONFIRM | |
https://github.com/spree/spree_auth_devise/commit/038d74771d3b5c13d13b738b73dfda1033a99f65 | x_refsource_CONFIRM |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T15:44:32.097Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://spreecommerce.com/blog/multiple-security-vulnerabilities-fixed" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://github.com/spree/spree_auth_devise/commit/038d74771d3b5c13d13b738b73dfda1033a99f65" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2013-02-21T00:00:00", "descriptions": [ { "lang": "en", "value": "app/models/spree/user.rb in spree_auth_devise in Spree 1.1.x before 1.1.6, 1.2.x, and 1.3.x does not perform mass assignment safely when updating a user, which allows remote authenticated users to assign arbitrary roles to themselves." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-01-17T15:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "http://spreecommerce.com/blog/multiple-security-vulnerabilities-fixed" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/spree/spree_auth_devise/commit/038d74771d3b5c13d13b738b73dfda1033a99f65" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2013-2506", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "app/models/spree/user.rb in spree_auth_devise in Spree 1.1.x before 1.1.6, 1.2.x, 
and 1.3.x does not perform mass assignment safely when updating a user, which allows remote authenticated users to assign arbitrary roles to themselves." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "http://spreecommerce.com/blog/multiple-security-vulnerabilities-fixed", "refsource": "CONFIRM", "url": "http://spreecommerce.com/blog/multiple-security-vulnerabilities-fixed" }, { "name": "https://github.com/spree/spree_auth_devise/commit/038d74771d3b5c13d13b738b73dfda1033a99f65", "refsource": "CONFIRM", "url": "https://github.com/spree/spree_auth_devise/commit/038d74771d3b5c13d13b738b73dfda1033a99f65" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2013-2506", "datePublished": "2013-03-08T18:00:00", "dateReserved": "2013-03-08T00:00:00", "dateUpdated": "2024-08-06T15:44:32.097Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2020-26223 (GCVE-0-2020-26223)
Vulnerability from cvelistv5
Published
2020-11-13 17:25
Modified
2024-08-04 15:49
CWE
- CWE-863 - Incorrect Authorization
Summary
Spree is a complete open source e-commerce solution built with Ruby on Rails. In Spree from version 3.7 and before versions 3.7.13, 4.0.5, and 4.1.12, there is an authorization bypass vulnerability. The perpetrator could query the API v2 Order Status endpoint with an empty string passed as an Order token. This is patched in versions 3.7.11, 4.0.4, or 4.1.11, depending on the Spree version in use. Users of Spree < 3.7 are not affected.
References
▼ | URL | Tags |
---|---|---|
https://github.com/spree/spree/security/advisories/GHSA-m2jr-hmc3-qmpr | x_refsource_CONFIRM | |
https://github.com/spree/spree/pull/10573 | x_refsource_MISC | |
https://guides.spreecommerce.org/api/v2/storefront#tag/Order-Status | x_refsource_MISC |
Impacted products
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T15:49:07.219Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://github.com/spree/spree/security/advisories/GHSA-m2jr-hmc3-qmpr" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/spree/spree/pull/10573" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://guides.spreecommerce.org/api/v2/storefront#tag/Order-Status" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "spree", "vendor": "spree", "versions": [ { "status": "affected", "version": "\u003e= 3.7.0, \u003c 3.7.13" }, { "status": "affected", "version": "\u003e= 4.0.0, \u003c 4.0.5" }, { "status": "affected", "version": "\u003e= 4.1.0, \u003c 4.1.12" } ] } ], "descriptions": [ { "lang": "en", "value": "Spree is a complete open source e-commerce solution built with Ruby on Rails. In Spree from version 3.7 and before versions 3.7.13, 4.0.5, and 4.1.12, there is an authorization bypass vulnerability. The perpetrator could query the API v2 Order Status endpoint with an empty string passed as an Order token. This is patched in versions 3.7.11, 4.0.4, or 4.1.11 depending on your used Spree version. Users of Spree \u003c 3.7 are not affected." 
} ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.7, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-863", "description": "CWE-863: Incorrect Authorization", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2020-11-13T17:25:20", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/spree/spree/security/advisories/GHSA-m2jr-hmc3-qmpr" }, { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/spree/spree/pull/10573" }, { "tags": [ "x_refsource_MISC" ], "url": "https://guides.spreecommerce.org/api/v2/storefront#tag/Order-Status" } ], "source": { "advisory": "GHSA-m2jr-hmc3-qmpr", "discovery": "UNKNOWN" }, "title": "Authorization bypass in Spree", "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security-advisories@github.com", "ID": "CVE-2020-26223", "STATE": "PUBLIC", "TITLE": "Authorization bypass in Spree" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "spree", "version": { "version_data": [ { "version_value": "\u003e= 3.7.0, \u003c 3.7.13" }, { "version_value": "\u003e= 4.0.0, \u003c 4.0.5" }, { "version_value": "\u003e= 4.1.0, \u003c 4.1.12" } ] } } ] }, "vendor_name": "spree" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Spree is a complete open source e-commerce solution built with Ruby on Rails. In Spree from version 3.7 and before versions 3.7.13, 4.0.5, and 4.1.12, there is an authorization bypass vulnerability. 
The perpetrator could query the API v2 Order Status endpoint with an empty string passed as an Order token. This is patched in versions 3.7.11, 4.0.4, or 4.1.11 depending on your used Spree version. Users of Spree \u003c 3.7 are not affected." } ] }, "impact": { "cvss": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.7, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N", "version": "3.1" } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-863: Incorrect Authorization" } ] } ] }, "references": { "reference_data": [ { "name": "https://github.com/spree/spree/security/advisories/GHSA-m2jr-hmc3-qmpr", "refsource": "CONFIRM", "url": "https://github.com/spree/spree/security/advisories/GHSA-m2jr-hmc3-qmpr" }, { "name": "https://github.com/spree/spree/pull/10573", "refsource": "MISC", "url": "https://github.com/spree/spree/pull/10573" }, { "name": "https://guides.spreecommerce.org/api/v2/storefront#tag/Order-Status", "refsource": "MISC", "url": "https://guides.spreecommerce.org/api/v2/storefront#tag/Order-Status" } ] }, "source": { "advisory": "GHSA-m2jr-hmc3-qmpr", "discovery": "UNKNOWN" } } } }, "cveMetadata": { "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2020-26223", "datePublished": "2020-11-13T17:25:20", "dateReserved": "2020-10-01T00:00:00", "dateUpdated": "2024-08-04T15:49:07.219Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
Vulnerability from fkie_nvd
Published
2012-04-05 13:25
Modified
2025-04-11 00:51
Summary
Spree 0.2.0 does not properly restrict the use of a hash to provide values for a model's attributes, which allows remote attackers to set the Order state value and bypass the intended payment step via a modified URL, related to a "mass assignment" vulnerability.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
spreecommerce | spree | 0.2.0 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:spreecommerce:spree:0.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "4B5EABA0-0D43-4240-B080-80BB7015074F", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Spree 0.2.0 does not properly restrict the use of a hash to provide values for a model\u0027s attributes, which allows remote attackers to set the Order state value and bypass the intended payment step via a modified URL, related to a \"mass assignment\" vulnerability." }, { "lang": "es", "value": "Spree v0.2.0 no restringe adecuadamente el uso de un hash para proporcionar los valores de los atributos de un modelo, lo que permite a atacantes remotos establecer el valor de estado de orden (Order State Value) y evitar el paso del pago solicitado a trav\u00e9s de una URL modificada, est\u00e1 relacionado con una vulnerabilidad de \"asignaci\u00f3n masiva\"." } ], "id": "CVE-2008-7310", "lastModified": "2025-04-11T00:51:21.963", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2012-04-05T13:25:21.177", "references": [ { "source": "cve@mitre.org", "url": "http://railspikes.com/2008/9/22/is-your-rails-application-safe-from-mass-assignment" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://spreecommerce.com/blog/2008/09/16/security-vulnerability-mass-assignment-of-order-params/" }, { "source": 
"af854a3a-2127-422b-91ae-364da2661108", "url": "http://railspikes.com/2008/9/22/is-your-rails-application-safe-from-mass-assignment" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://spreecommerce.com/blog/2008/09/16/security-vulnerability-mass-assignment-of-order-params/" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-255" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2012-04-05 13:25
Modified
2025-04-11 00:51
Summary
The session cookie store implementation in Spree 0.2.0 uses a hardcoded config.action_controller_session hash value (aka secret key), which makes it easier for remote attackers to bypass cryptographic protection mechanisms by leveraging an application that contains this value within the config/environment.rb file.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
spreecommerce | spree | 0.2.0 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:spreecommerce:spree:0.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "4B5EABA0-0D43-4240-B080-80BB7015074F", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "The session cookie store implementation in Spree 0.2.0 uses a hardcoded config.action_controller_session hash value (aka secret key), which makes it easier for remote attackers to bypass cryptographic protection mechanisms by leveraging an application that contains this value within the config/environment.rb file." }, { "lang": "es", "value": "La implementaci\u00f3n de cookie de sesi\u00f3n en Spree v0.2.0 utiliza un valor de hash \"hardodeado\" de config.action_controller_session (clave secreta), lo que hace que sea m\u00e1s f\u00e1cil evitar los mecanismos de protecci\u00f3n criptogr\u00e1ficos para los atacantes remotos aprovechandose de una aplicaci\u00f3n que contiene este valor en el fichero configenvironment.rb." 
} ], "id": "CVE-2008-7311", "lastModified": "2025-04-11T00:51:21.963", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2012-04-05T13:25:21.380", "references": [ { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://spreecommerce.com/blog/2008/08/12/security-vulernability-session-cookie-store/" }, { "source": "cve@mitre.org", "url": "http://support.spreehq.org/issues/show/63" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://spreecommerce.com/blog/2008/08/12/security-vulernability-session-cookie-store/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://support.spreehq.org/issues/show/63" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-255" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2013-03-08 18:55
Modified
2025-04-11 00:51
Summary
app/models/spree/user.rb in spree_auth_devise in Spree 1.1.x before 1.1.6, 1.2.x, and 1.3.x does not perform mass assignment safely when updating a user, which allows remote authenticated users to assign arbitrary roles to themselves.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
spreecommerce | spree | 1.1.0 | |
spreecommerce | spree | 1.1.1 | |
spreecommerce | spree | 1.1.2 | |
spreecommerce | spree | 1.1.3 | |
spreecommerce | spree | 1.1.4 | |
spreecommerce | spree | 1.1.5 | |
spreecommerce | spree | 1.1.6 | |
spreecommerce | spree | 1.2.0 | |
spreecommerce | spree | 1.2.1 | |
spreecommerce | spree | 1.2.2 | |
spreecommerce | spree | 1.2.3 | |
spreecommerce | spree | 1.2.4 | |
spreecommerce | spree | 1.3.0 | |
spreecommerce | spree | 1.3.1 | |
spreecommerce | spree | 1.3.2 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:spreecommerce:spree:1.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "3E4C456B-99E3-4550-9F03-74E828EADC49", "vulnerable": true }, { "criteria": "cpe:2.3:a:spreecommerce:spree:1.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "C8AE2CB0-58FE-485F-8722-0F6799FEE97B", "vulnerable": true }, { "criteria": "cpe:2.3:a:spreecommerce:spree:1.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "7B1C92A9-CDC0-422F-868A-1DEF9887BC27", "vulnerable": true }, { "criteria": "cpe:2.3:a:spreecommerce:spree:1.1.3:*:*:*:*:*:*:*", "matchCriteriaId": "F8A05B3F-8F92-421E-A18B-FEEB9EF672A9", "vulnerable": true }, { "criteria": "cpe:2.3:a:spreecommerce:spree:1.1.4:*:*:*:*:*:*:*", "matchCriteriaId": "9B58ACE5-EA8E-4266-BC0C-86B34439BA1C", "vulnerable": true }, { "criteria": "cpe:2.3:a:spreecommerce:spree:1.1.5:*:*:*:*:*:*:*", "matchCriteriaId": "C3258380-E9CA-4F59-92BD-E568B7FE823F", "vulnerable": true }, { "criteria": "cpe:2.3:a:spreecommerce:spree:1.1.6:*:*:*:*:*:*:*", "matchCriteriaId": "E5A0F16F-EEA6-496A-83CC-EE87DF06195F", "vulnerable": true }, { "criteria": "cpe:2.3:a:spreecommerce:spree:1.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "E4A78A39-0D61-4935-927A-EAFC904D1BD3", "vulnerable": true }, { "criteria": "cpe:2.3:a:spreecommerce:spree:1.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "E7E9A11C-BDAC-4F21-B165-9CB6636FD45B", "vulnerable": true }, { "criteria": "cpe:2.3:a:spreecommerce:spree:1.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "8CD9FB6C-D1C5-4D96-88B6-C24C36EF4679", "vulnerable": true }, { "criteria": "cpe:2.3:a:spreecommerce:spree:1.2.3:*:*:*:*:*:*:*", "matchCriteriaId": "3B3C7D8B-3BF3-47FE-9197-5171A07ED7D2", "vulnerable": true }, { "criteria": "cpe:2.3:a:spreecommerce:spree:1.2.4:*:*:*:*:*:*:*", "matchCriteriaId": "3015DFDE-8BAB-4A85-BAC4-370FDE089C0E", "vulnerable": true }, { "criteria": "cpe:2.3:a:spreecommerce:spree:1.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "F31E7395-CCA8-4ABE-8461-83F152D52443", "vulnerable": true }, { "criteria": 
"cpe:2.3:a:spreecommerce:spree:1.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "75DA34B2-C070-4457-9623-371E8DF8B648", "vulnerable": true }, { "criteria": "cpe:2.3:a:spreecommerce:spree:1.3.2:*:*:*:*:*:*:*", "matchCriteriaId": "9FC5AB60-888B-4C05-A5F9-178538B30592", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "app/models/spree/user.rb in spree_auth_devise in Spree 1.1.x before 1.1.6, 1.2.x, and 1.3.x does not perform mass assignment safely when updating a user, which allows remote authenticated users to assign arbitrary roles to themselves." }, { "lang": "es", "value": "app/models/spree/user.rb en spree_auth_devise en Spree v1.1.x antes de v1.1.6, v1.2.x, y v1.3.x no lleva a cabo una asignaci\u00f3n autorizada de forma segura cuando se actualiza un usuario, lo que permite a usuarios remotos autenticados asignar funciones de su elecci\u00f3n a s\u00ed mismos.\r\n" } ], "id": "CVE-2013-2506", "lastModified": "2025-04-11T00:51:21.963", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "NONE", "baseScore": 4.0, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N", "version": "2.0" }, "exploitabilityScore": 8.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2013-03-08T18:55:01.773", "references": [ { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://spreecommerce.com/blog/multiple-security-vulnerabilities-fixed" }, { "source": "cve@mitre.org", "url": "https://github.com/spree/spree_auth_devise/commit/038d74771d3b5c13d13b738b73dfda1033a99f65" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor 
Advisory" ], "url": "http://spreecommerce.com/blog/multiple-security-vulnerabilities-fixed" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://github.com/spree/spree_auth_devise/commit/038d74771d3b5c13d13b738b73dfda1033a99f65" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-264" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2013-03-08 18:55
Modified
2025-04-11 00:51
Summary
Spree Commerce 1.0.x through 1.3.2 allows remote authenticated administrators to instantiate arbitrary Ruby objects and execute arbitrary commands via the (1) payment_method parameter to core/app/controllers/spree/admin/payment_methods_controller.rb; and the (2) promotion_action parameter to promotion_actions_controller.rb, (3) promotion_rule parameter to promotion_rules_controller.rb, and (4) calculator_type parameter to promotions_controller.rb in promo/app/controllers/spree/admin/, related to unsafe use of the constantize function.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
spreecommerce | spree | * | |
spreecommerce | spree | 1.0.0 | |
spreecommerce | spree | 1.0.1 | |
spreecommerce | spree | 1.0.2 | |
spreecommerce | spree | 1.0.3 | |
spreecommerce | spree | 1.0.4 | |
spreecommerce | spree | 1.0.5 | |
spreecommerce | spree | 1.0.6 | |
spreecommerce | spree | 1.0.7 | |
spreecommerce | spree | 1.1.0 | |
spreecommerce | spree | 1.1.1 | |
spreecommerce | spree | 1.1.2 | |
spreecommerce | spree | 1.1.3 | |
spreecommerce | spree | 1.1.4 | |
spreecommerce | spree | 1.1.5 | |
spreecommerce | spree | 1.1.6 | |
spreecommerce | spree | 1.2.0 | |
spreecommerce | spree | 1.2.1 | |
spreecommerce | spree | 1.2.2 | |
spreecommerce | spree | 1.2.3 | |
spreecommerce | spree | 1.2.4 | |
spreecommerce | spree | 1.3.0 | |
spreecommerce | spree | 1.3.1 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:spreecommerce:spree:*:*:*:*:*:*:*:*", "matchCriteriaId": "AC68F68B-6670-46DB-ABE2-03235CF421AD", "versionEndIncluding": "1.3.2", "vulnerable": true }, { "criteria": "cpe:2.3:a:spreecommerce:spree:1.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "21148132-CBE3-4556-90F2-A1AEB6E90441", "vulnerable": true }, { "criteria": "cpe:2.3:a:spreecommerce:spree:1.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "06D5D1B2-21FD-439E-9401-FE8CDB5D8289", "vulnerable": true }, { "criteria": "cpe:2.3:a:spreecommerce:spree:1.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "B12C638A-6087-4300-A2E4-88A746894646", "vulnerable": true }, { "criteria": "cpe:2.3:a:spreecommerce:spree:1.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "1EEFE273-624C-4F83-8B00-C35BF3C07AA6", "vulnerable": true }, { "criteria": "cpe:2.3:a:spreecommerce:spree:1.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "63C90684-F41D-4C94-9C7C-CC26C6C12E5D", "vulnerable": true }, { "criteria": "cpe:2.3:a:spreecommerce:spree:1.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "152A3126-C776-4D9C-AB48-48E65380A475", "vulnerable": true }, { "criteria": "cpe:2.3:a:spreecommerce:spree:1.0.6:*:*:*:*:*:*:*", "matchCriteriaId": "B2C4A43D-B5C8-42F4-9D21-979F9F60A272", "vulnerable": true }, { "criteria": "cpe:2.3:a:spreecommerce:spree:1.0.7:*:*:*:*:*:*:*", "matchCriteriaId": "D1B62694-25F2-4324-8A90-B53D8D9815B0", "vulnerable": true }, { "criteria": "cpe:2.3:a:spreecommerce:spree:1.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "3E4C456B-99E3-4550-9F03-74E828EADC49", "vulnerable": true }, { "criteria": "cpe:2.3:a:spreecommerce:spree:1.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "C8AE2CB0-58FE-485F-8722-0F6799FEE97B", "vulnerable": true }, { "criteria": "cpe:2.3:a:spreecommerce:spree:1.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "7B1C92A9-CDC0-422F-868A-1DEF9887BC27", "vulnerable": true }, { "criteria": "cpe:2.3:a:spreecommerce:spree:1.1.3:*:*:*:*:*:*:*", "matchCriteriaId": "F8A05B3F-8F92-421E-A18B-FEEB9EF672A9", "vulnerable": true 
}, { "criteria": "cpe:2.3:a:spreecommerce:spree:1.1.4:*:*:*:*:*:*:*", "matchCriteriaId": "9B58ACE5-EA8E-4266-BC0C-86B34439BA1C", "vulnerable": true }, { "criteria": "cpe:2.3:a:spreecommerce:spree:1.1.5:*:*:*:*:*:*:*", "matchCriteriaId": "C3258380-E9CA-4F59-92BD-E568B7FE823F", "vulnerable": true }, { "criteria": "cpe:2.3:a:spreecommerce:spree:1.1.6:*:*:*:*:*:*:*", "matchCriteriaId": "E5A0F16F-EEA6-496A-83CC-EE87DF06195F", "vulnerable": true }, { "criteria": "cpe:2.3:a:spreecommerce:spree:1.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "E4A78A39-0D61-4935-927A-EAFC904D1BD3", "vulnerable": true }, { "criteria": "cpe:2.3:a:spreecommerce:spree:1.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "E7E9A11C-BDAC-4F21-B165-9CB6636FD45B", "vulnerable": true }, { "criteria": "cpe:2.3:a:spreecommerce:spree:1.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "8CD9FB6C-D1C5-4D96-88B6-C24C36EF4679", "vulnerable": true }, { "criteria": "cpe:2.3:a:spreecommerce:spree:1.2.3:*:*:*:*:*:*:*", "matchCriteriaId": "3B3C7D8B-3BF3-47FE-9197-5171A07ED7D2", "vulnerable": true }, { "criteria": "cpe:2.3:a:spreecommerce:spree:1.2.4:*:*:*:*:*:*:*", "matchCriteriaId": "3015DFDE-8BAB-4A85-BAC4-370FDE089C0E", "vulnerable": true }, { "criteria": "cpe:2.3:a:spreecommerce:spree:1.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "F31E7395-CCA8-4ABE-8461-83F152D52443", "vulnerable": true }, { "criteria": "cpe:2.3:a:spreecommerce:spree:1.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "75DA34B2-C070-4457-9623-371E8DF8B648", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Spree Commerce 1.0.x through 1.3.2 allows remote authenticated administrators to instantiate arbitrary Ruby objects and execute arbitrary commands via the (1) payment_method parameter to core/app/controllers/spree/admin/payment_methods_controller.rb; and the (2) promotion_action parameter to promotion_actions_controller.rb, (3) promotion_rule parameter to promotion_rules_controller.rb, and (4) calculator_type 
parameter to promotions_controller.rb in promo/app/controllers/spree/admin/, related to unsafe use of the constantize function." }, { "lang": "es", "value": "Spree Commerce 1.0.x hasta la versi\u00f3n 1.3.2 permite a administradores autenticados remotos instanciar objetos Ruby arbitrarios y ejecutar comandos arbitrarios a trav\u00e9s de el par\u00e1metro (1) payment_method en core/app/controllers/spree/admin/payment_methods_controller.rb; y (2) promotion_action en promotion_actions_controller.rb, (3) promotion_rule en promotion_rules_controller.rb y (4) calculator_type en promotions_controller.rb en promo/app/controllers/spree/admin/, relacionado con la utilizaci\u00f3n insegura de la funci\u00f3n constantize." } ], "id": "CVE-2013-1656", "lastModified": "2025-04-11T00:51:21.963", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2013-03-08T18:55:01.637", "references": [ { "source": "cve@mitre.org", "url": "http://blog.conviso.com.br/2013/03/spree-commerce-multiple-unsafe.html" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://spreecommerce.com/blog/multiple-security-vulnerabilities-fixed" }, { "source": "cve@mitre.org", "tags": [ "Exploit" ], "url": "https://www.conviso.com.br/advisories/CVE-2013-1656.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://blog.conviso.com.br/2013/03/spree-commerce-multiple-unsafe.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ 
"Vendor Advisory" ], "url": "http://spreecommerce.com/blog/multiple-security-vulnerabilities-fixed" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit" ], "url": "https://www.conviso.com.br/advisories/CVE-2013-1656.txt" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-20" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2025-08-13 21:15
Modified
2025-09-24 00:31
Summary
Spreecommerce versions prior to 0.60.2 contain a remote command execution vulnerability in its search functionality. The application fails to properly sanitize input passed via the search[send][] parameter, which is dynamically invoked using Ruby’s send method. This allows attackers to execute arbitrary shell commands on the server without authentication.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
spreecommerce | spree | * |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:spreecommerce:spree:*:*:*:*:*:*:*:*", "matchCriteriaId": "60535F3D-F86D-4D9F-8980-8800687FEDE7", "versionEndExcluding": "0.60.2", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Spreecommerce versions prior to 0.60.2 contains a remote command execution vulnerability in its search functionality. The application fails to properly sanitize input passed via the search[send][] parameter, which is dynamically invoked using Ruby\u2019s send method. This allows attackers to execute arbitrary shell commands on the server without authentication." }, { "lang": "es", "value": "Las versiones de Spreecommerce anteriores a la 0.60.2 contienen una vulnerabilidad de ejecuci\u00f3n remota de comandos en su funci\u00f3n de b\u00fasqueda. La aplicaci\u00f3n no depura correctamente la entrada enviada mediante el par\u00e1metro search[send][], que se invoca din\u00e1micamente mediante el m\u00e9todo send de Ruby. Esto permite a los atacantes ejecutar comandos de shell arbitrarios en el servidor sin autenticaci\u00f3n." 
} ], "id": "CVE-2011-10019", "lastModified": "2025-09-24T00:31:10.940", "metrics": { "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ], "cvssMetricV40": [ { "cvssData": { "Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "availabilityRequirement": "NOT_DEFINED", "baseScore": 10.0, "baseSeverity": "CRITICAL", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "HIGH", "subConfidentialityImpact": "HIGH", "subIntegrityImpact": "HIGH", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "HIGH", 
"vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED" }, "source": "disclosure@vulncheck.com", "type": "Secondary" } ] }, "published": "2025-08-13T21:15:29.543", "references": [ { "source": "disclosure@vulncheck.com", "tags": [ "Product" ], "url": "https://github.com/orgs/spree" }, { "source": "disclosure@vulncheck.com", "tags": [ "Exploit", "Third Party Advisory" ], "url": "https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/multi/http/spree_search_exec.rb" }, { "source": "disclosure@vulncheck.com", "tags": [ "Release Notes" ], "url": "https://web.archive.org/web/20111009192436/http://spreecommerce.com/blog/2011/10/05/remote-command-product-group/" }, { "source": "disclosure@vulncheck.com", "tags": [ "Exploit", "VDB Entry" ], "url": "https://www.exploit-db.com/exploits/17941" }, { "source": "disclosure@vulncheck.com", "tags": [ "Third Party Advisory" ], "url": "https://www.vulncheck.com/advisories/spreecommerce-search-parameter-rce" } ], "sourceIdentifier": "disclosure@vulncheck.com", "vulnStatus": "Analyzed", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-94" }, { "lang": "en", "value": "CWE-1321" } ], "source": "disclosure@vulncheck.com", "type": "Secondary" }, { "description": [ { "lang": "en", "value": "CWE-1321" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2025-08-20 16:15
Modified
2025-09-24 00:19
Summary
Spreecommerce versions prior to 0.50.x contain a remote command execution vulnerability in the API's search functionality. Improper input sanitization allows attackers to inject arbitrary shell commands via the search[instance_eval] parameter, which is dynamically invoked using Ruby’s send method. This flaw enables unauthenticated attackers to execute commands on the server.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
spreecommerce | spree | * |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:spreecommerce:spree:*:*:*:*:*:*:*:*", "matchCriteriaId": "A5CFC1F2-0A53-43BB-A91C-64ACE39499E4", "versionEndExcluding": "0.50.1", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Spreecommerce versions prior to 0.50.x contain a remote command execution vulnerability in the API\u0027s search functionality. Improper input sanitation allows attackers to inject arbitrary shell commands via the search[instance_eval] parameter, which is dynamically invoked using Ruby\u2019s send method. This flaw enables unauthenticated attackers to execute commands on the server." }, { "lang": "es", "value": "Las versiones de Spreecommerce anteriores a la 0.50.x contienen una vulnerabilidad de ejecuci\u00f3n remota de comandos en la funci\u00f3n de b\u00fasqueda de la API. Una depuraci\u00f3n de entrada incorrecta permite a los atacantes inyectar comandos de shell arbitrarios mediante el par\u00e1metro search[instance_eval], que se invoca din\u00e1micamente mediante el m\u00e9todo send de Ruby. Esta vulnerabilidad permite a atacantes no autenticados ejecutar comandos en el servidor." 
} ], "id": "CVE-2011-10026", "lastModified": "2025-09-24T00:19:30.220", "metrics": { "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ], "cvssMetricV40": [ { "cvssData": { "Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "availabilityRequirement": "NOT_DEFINED", "baseScore": 9.3, "baseSeverity": "CRITICAL", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "HIGH", 
"vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED" }, "source": "disclosure@vulncheck.com", "type": "Secondary" } ] }, "published": "2025-08-20T16:15:35.440", "references": [ { "source": "disclosure@vulncheck.com", "tags": [ "Product" ], "url": "https://github.com/spree" }, { "source": "disclosure@vulncheck.com", "tags": [ "Exploit", "Third Party Advisory" ], "url": "https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/multi/http/spree_searchlogic_exec.rb" }, { "source": "disclosure@vulncheck.com", "tags": [ "Vendor Advisory" ], "url": "https://web.archive.org/web/20111120023342/http://spreecommerce.com/blog/2011/04/19/security-fixes" }, { "source": "disclosure@vulncheck.com", "tags": [ "Exploit", "VDB Entry" ], "url": "https://www.exploit-db.com/exploits/17199" }, { "source": "disclosure@vulncheck.com", "tags": [ "Third Party Advisory" ], "url": "https://www.vulncheck.com/advisories/spreecommerce-api-rce" } ], "sourceIdentifier": "disclosure@vulncheck.com", "vulnStatus": "Analyzed", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-94" } ], "source": "disclosure@vulncheck.com", "type": "Secondary" }, { "description": [ { "lang": "en", "value": "CWE-78" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2020-11-13 18:15
Modified
2024-11-21 05:19
Severity ?
7.7 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Summary
Spree is a complete open source e-commerce solution built with Ruby on Rails. In Spree from version 3.7 and before versions 3.7.13, 4.0.5, and 4.1.12, there is an authorization bypass vulnerability: an attacker could query the API v2 Order Status endpoint with an empty string as the Order token and have it accepted, exposing order data that the token is meant to protect (confidentiality impact only, per the CVSS vectors above). The advisory text states the fix landed in versions 3.7.11, 4.0.4, or 4.1.11 depending on your Spree version, but note that the NVD CPE ranges below treat everything below 3.7.13, 4.0.5 and 4.1.12 as affected — use those as the minimum safe versions. Users of Spree < 3.7 are not affected.
References
▼ | URL | Tags | |
---|---|---|---|
security-advisories@github.com | https://github.com/spree/spree/pull/10573 | Exploit, Patch, Third Party Advisory | |
security-advisories@github.com | https://github.com/spree/spree/security/advisories/GHSA-m2jr-hmc3-qmpr | Third Party Advisory | |
security-advisories@github.com | https://guides.spreecommerce.org/api/v2/storefront#tag/Order-Status | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://github.com/spree/spree/pull/10573 | Exploit, Patch, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://github.com/spree/spree/security/advisories/GHSA-m2jr-hmc3-qmpr | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://guides.spreecommerce.org/api/v2/storefront#tag/Order-Status | Vendor Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
spreecommerce | spree | * | |
spreecommerce | spree | * | |
spreecommerce | spree | * |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:spreecommerce:spree:*:*:*:*:*:*:*:*", "matchCriteriaId": "4F0DFB4E-3D62-4C6C-A227-3B839055F34C", "versionEndExcluding": "3.7.13", "versionStartIncluding": "3.7.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:spreecommerce:spree:*:*:*:*:*:*:*:*", "matchCriteriaId": "B10057D2-194D-4019-A8F3-9A64E3BAFE70", "versionEndExcluding": "4.0.5", "versionStartIncluding": "4.0.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:spreecommerce:spree:*:*:*:*:*:*:*:*", "matchCriteriaId": "95279953-3BEB-454E-8C60-F4E00602849B", "versionEndExcluding": "4.1.12", "versionStartIncluding": "4.1.0", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Spree is a complete open source e-commerce solution built with Ruby on Rails. In Spree from version 3.7 and before versions 3.7.13, 4.0.5, and 4.1.12, there is an authorization bypass vulnerability. The perpetrator could query the API v2 Order Status endpoint with an empty string passed as an Order token. This is patched in versions 3.7.11, 4.0.4, or 4.1.11 depending on your used Spree version. Users of Spree \u003c 3.7 are not affected." 
}, { "lang": "es", "value": "Spree es una completa soluci\u00f3n e-commerce de c\u00f3digo abierto construida con Ruby on Rails.\u0026#xa0;En Spree desde la versi\u00f3n 3.7 y versiones anteriores a 3.7.13, 4.0.5 y 4.1.12, se presenta una vulnerabilidad de omisi\u00f3n de autorizaci\u00f3n.\u0026#xa0;El perpetrador podr\u00eda consultar el endpoint API v2 Order Status con una cadena vac\u00eda pasada como un token de pedido.\u0026#xa0;Esto est\u00e1 parcheado en versiones 3.7.11, 4.0.4 o 4.1.11 dependiendo de la versi\u00f3n de Spree usada.\u0026#xa0;Los usuarios de Spree versiones anteriores a 3.7 no est\u00e1n afectados" } ], "id": "CVE-2020-26223", "lastModified": "2024-11-21T05:19:34.637", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "NONE", "baseScore": 4.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N", "version": "2.0" }, "exploitabilityScore": 8.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.7, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N", "version": "3.1" }, "exploitabilityScore": 3.1, "impactScore": 4.0, "source": "security-advisories@github.com", "type": "Secondary" }, { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": 
"LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2020-11-13T18:15:12.777", "references": [ { "source": "security-advisories@github.com", "tags": [ "Exploit", "Patch", "Third Party Advisory" ], "url": "https://github.com/spree/spree/pull/10573" }, { "source": "security-advisories@github.com", "tags": [ "Third Party Advisory" ], "url": "https://github.com/spree/spree/security/advisories/GHSA-m2jr-hmc3-qmpr" }, { "source": "security-advisories@github.com", "tags": [ "Vendor Advisory" ], "url": "https://guides.spreecommerce.org/api/v2/storefront#tag/Order-Status" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Patch", "Third Party Advisory" ], "url": "https://github.com/spree/spree/pull/10573" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://github.com/spree/spree/security/advisories/GHSA-m2jr-hmc3-qmpr" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://guides.spreecommerce.org/api/v2/storefront#tag/Order-Status" } ], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-863" } ], "source": "security-advisories@github.com", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2010-11-17 16:00
Modified
2025-04-11 00:51
Severity ?
Summary
Spree 0.11.x before 0.11.2 and 0.30.x pre-releases before the final 0.30.0 release (NVD lists 0.30.0 beta1) exchange data using JavaScript Object Notation (JSON) without a mechanism for validating requests, so the admin JSON endpoints answer cross-site requests made with a logged-in administrator's browser session. This allows remote attackers to obtain sensitive information via vectors involving (1) admin/products.json, (2) admin/users.json, or (3) admin/overview/get_report_data, related to a "JSON hijacking" issue.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
spreecommerce | spree | 0.11.0 | |
spreecommerce | spree | 0.11.1 | |
spreecommerce | spree | 0.30.0 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:spreecommerce:spree:0.11.0:*:*:*:*:*:*:*", "matchCriteriaId": "0346160C-A540-4E2E-AFA2-604B74C918FC", "vulnerable": true }, { "criteria": "cpe:2.3:a:spreecommerce:spree:0.11.1:*:*:*:*:*:*:*", "matchCriteriaId": "CDC6C117-2655-4910-9FE1-EAFAB17D783A", "vulnerable": true }, { "criteria": "cpe:2.3:a:spreecommerce:spree:0.30.0:beta1:*:*:*:*:*:*", "matchCriteriaId": "7267DD4D-1BE1-4160-B2DD-B40D31BDEE7B", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Spree 0.11.x before 0.11.2 and 0.30.x before 0.30.0 exchanges data using JavaScript Object Notation (JSON) without a mechanism for validating requests, which allows remote attackers to obtain sensitive information via vectors involving (1) admin/products.json, (2) admin/users.json, or (3) admin/overview/get_report_data, related to a \"JSON hijacking\" issue." }, { "lang": "es", "value": "Spree v0.11.x anterior a v0.11.2 y v0.30.x anterior a v0.30.0, intercambia datos empleando JavaScript Object Notation (JSON) sin un mecanismo que valide las peticiones, lo que permite a atacantes remotos la obtenci\u00f3n de informaci\u00f3n sensible a trav\u00e9s de vectores que involucran (1) admin/products.json, (2) admin/users.json, o (3) admin/overview/get_report_data, relacionado con la cuesti\u00f3n de \"secuestro JSON\"." 
} ], "id": "CVE-2010-3978", "lastModified": "2025-04-11T00:51:21.963", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2010-11-17T16:00:02.343", "references": [ { "source": "cve@mitre.org", "url": "http://spreecommerce.com/blog/2010/11/02/json-hijacking-vulnerability/" }, { "source": "cve@mitre.org", "tags": [ "Patch" ], "url": "http://spreecommerce.com/blog/2010/11/09/spree-0-30-0-released/" }, { "source": "cve@mitre.org", "url": "http://twitter.com/conviso/statuses/29555076248" }, { "source": "cve@mitre.org", "url": "http://www.conviso.com.br/json-hijacking-vulnerability/" }, { "source": "cve@mitre.org", "url": "http://www.conviso.com.br/security-advisory-spree-e-commerce-json-v-0-11x/" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/514674/100/0/threaded" }, { "source": "cve@mitre.org", "tags": [ "Exploit" ], "url": "https://github.com/railsdog/spree/commit/19944bd999c310d9b10d16a41f48ebac97dc4fac" }, { "source": "cve@mitre.org", "url": "https://github.com/railsdog/spree/commit/d881b2bb610ea33e2364ff16feb8e702dfeda135" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://spreecommerce.com/blog/2010/11/02/json-hijacking-vulnerability/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://spreecommerce.com/blog/2010/11/09/spree-0-30-0-released/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": 
"http://twitter.com/conviso/statuses/29555076248" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.conviso.com.br/json-hijacking-vulnerability/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.conviso.com.br/security-advisory-spree-e-commerce-json-v-0-11x/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/514674/100/0/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit" ], "url": "https://github.com/railsdog/spree/commit/19944bd999c310d9b10d16a41f48ebac97dc4fac" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://github.com/railsdog/spree/commit/d881b2bb610ea33e2364ff16feb8e702dfeda135" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-200" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }