Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
lilishop <=4.2.4 is vulnerable to Incorrect Access Control, which can allow attackers to obtain coupons beyond the quantity limit by capturing and sending the data packets for coupon collection in high concurrency.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Lilishop 安全漏洞
Vulnerability Description
Lilishop是Lilishop开源的一个商城系统。 Lilishop 4.2.4版本及之前版本存在安全漏洞,该漏洞源于访问控制错误。攻击者利用该漏洞可以通过高并发捕获并发送优惠券领取数据包,获取超出数量限制的优惠券。
CVSS Information
N/A
Vulnerability Type
N/A