Posted by Ron E on Aug 18
nopCommerce is vulnerable to Insufficient Resource Allocation Limits when
handling large Excel file imports. Although the application provides a
warning message recommending that users avoid importing more than 500–1,000
records at once due to memory constraints, the system does not enforce hard
limits on file size, record count, or concurrent imports.
An attacker can exploit this by uploading excessively large Excel files or
automating…
– Read More – Full Disclosure
