nopCommerce is vulnerable to Insufficient Resource Allocation Limits when
handling large Excel file imports. Although the application provides a
warning message recommending that users avoid importing more than 500–1,000
records at once due to memory constraints, the system does not enforce hard
limits on file size, record count, or concurrent imports.

An attacker can exploit this by uploading excessively large Excel files or
automating multiple simultaneous uploads (e.g., using Burp Suite or another
proxy tool). This results in resource exhaustion on the application server,
leading to significant performance degradation and potential denial of
service (DoS) conditions.