This Metasploit module exploits an arbitrary command execution vulnerability in the Spreecommerce search. Unvalidated input is called via the Ruby send method allowing command execution.
d3108b6b1413b6aeeeff914cbc18a85d9770bf726d64b72125ff0d155c918d7a