Vulnerability Details CVE-2024-50654
lilishop <=4.2.4 is vulnerable to Incorrect Access Control, which can allow attackers to obtain coupons beyond the quantity limit by capturing and sending the data packets for coupon collection in high concurrency.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 11.9%
CVSS Severity
CVSS v3 Score 7.5
References
Products affected by CVE-2024-50654
-
cpe:2.3:a:pickmall:lilishop:-
-
cpe:2.3:a:pickmall:lilishop:1.0
-
cpe:2.3:a:pickmall:lilishop:4.1
-
cpe:2.3:a:pickmall:lilishop:4.2
-
cpe:2.3:a:pickmall:lilishop:4.2.1
-
cpe:2.3:a:pickmall:lilishop:4.2.2
-
cpe:2.3:a:pickmall:lilishop:4.2.3
-
cpe:2.3:a:pickmall:lilishop:4.2.4