The invention discloses a method for detecting an unauthorized access vulnerability of a power mobile application. The method comprises the steps of obtaining and storing all the user types of the mobile application and the user number corresponding to each user type; constructing http requests aiming at the same operation of different users in the same user type, modifying the http request of one user, sending the modified request to a server-side and analyzing an execution result to detect parallel unauthorized access vulnerabilities; constructing http requests of different users in different user types, modifying the http requests which can be executed by users in certain user types, but cannot be executed by users in other types, sending the modified requests to the server-side, and analyzing the execution results to detect the unauthorized access vulnerabilities; and comprehensively detecting the discovered vulnerabilities and finishing the unauthorized access vulnerability detection. The method for detecting the unauthorized access vulnerability of the power mobile application is used for performing safety assessment on the mobile application in an integrated testing stage and provides support for reducing the safety risk of the mobile application and improving the safety of the mobile application.