8 Total advisories
8 Vulnerabilities
0 Malware
Vulnerabilities
CRITICAL 9.8
CVE-2011-10019
Spree has Remote Command Execution vulnerability in search functionality
UNKNOWN
GHSA-xf4v-w5x5-pv79
Spree: CSV Formula Injection in Customer Export
HIGH 7.4
CVE-2020-15269
Ensure that doorkeeper_token is valid when authenticating requests in API v2 calls
UNKNOWN
CVE-2011-10026
Spree Commerce is vulnerable to RCE through Search API
UNKNOWN
CVE-2008-7310
Spree does not properly restrict the use of a hash to provide values for a model's attributes
UNKNOWN
CVE-2008-7311
Spree uses a hardcoded hash value
UNKNOWN
CVE-2010-3978
Spree allows remote attackers to obtain sensitive information
UNKNOWN
CVE-2013-1656
Spree Improper Input Validation vulnerability
Ready to move
Start Securing
Free, no credit card | First findings in minutes