lilishop <=4.2.4 is vulnerable to Incorrect Access Control, which can allow attackers to obtain coupons beyond the quantity limit by capturing and sending the data packets for coupon collection in high concurrency.
Metrics
Affected Vendors & Products
References
History
Thu, 21 Nov 2024 19:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Weaknesses | CWE-346 | |
Metrics |
ssvc
|
Wed, 20 Nov 2024 15:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Pickmall
Pickmall lilishop |
|
Weaknesses | NVD-CWE-noinfo | |
CPEs | cpe:2.3:a:pickmall:lilishop:*:*:*:*:*:*:*:* | |
Vendors & Products |
Pickmall
Pickmall lilishop |
|
Metrics |
cvssV3_1
|
Fri, 15 Nov 2024 16:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | lilishop <=4.2.4 is vulnerable to Incorrect Access Control, which can allow attackers to obtain coupons beyond the quantity limit by capturing and sending the data packets for coupon collection in high concurrency. | |
References |
|
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2024-11-15T00:00:00
Updated: 2024-11-21T19:03:34.053Z
Reserved: 2024-10-28T00:00:00
Link: CVE-2024-50654
Vulnrichment
Updated: 2024-11-21T19:02:08.666Z
NVD
Status : Modified
Published: 2024-11-15T17:15:20.507
Modified: 2024-11-21T19:15:11.113
Link: CVE-2024-50654
Redhat
No data.