CVEs-PoC/2011/CVE-2011-10019.md at main

CalvinBackup/CVEs-PoC

Fork 0

mirror of https://github.com/0xMarcio/cve.git synced 2026-03-07 04:00:48 +00:00

Files

0xMarcio cb00e1339f Update CVE list 2025-09-29 21:09

2025-09-29 21:09:30 +02:00

1.2 KiB

Raw Permalink Blame History

CVE-2011-10019

Description

Spreecommerce versions prior to 0.60.2 contains a remote command execution vulnerability in its search functionality. The application fails to properly sanitize input passed via the search[send][] parameter, which is dynamically invoked using Ruby’s send method. This allows attackers to execute arbitrary shell commands on the server without authentication.

POC

Reference

https://www.exploit-db.com/exploits/17941
https://www.vulncheck.com/advisories/spreecommerce-search-parameter-rce

Github

No PoCs found on GitHub currently.

1.2 KiB Raw Permalink Blame History Unescape Escape

CVE-2011-10019

Description

POC

Reference

Github

1.2 KiB

Raw Permalink Blame History