CVE-2021-47923 | OpenCart 3.0.3.8 User Account OCSESSID authentication spoofing (Exploit 50555 / EDB-50555)

Inserito da Angelo Barbosa | Mag 10, 2026 | CVE

A vulnerability described as critical has been identified in OpenCart 3.0.3.8. The affected element is an unknown function of the component User Account Handler. Executing a manipulation of the argument OCSESSID can lead to authentication bypass by spoofing.

This vulnerability is registered as CVE-2021-47923. It is possible to launch the attack remotely. Furthermore, an exploit is available.

CVE-2021-47923 | OpenCart 3.0.3.8 User Account OCSESSID authentication spoofing (Exploit 50555 / EDB-50555)

Post correlati

CVE-2024-21420 | Microsoft Windows up to Server 2022 23H2 WDAC OLE DB Provider for SQL Server Remote Code Execution

CVE-2025-0072 | Arm Valhall GPU Kernel Driver up to r49p3/r53p0 use after free

CVE-2026-2560 | kalcaddle kodbox up to 1.64.05 Media File Preview Plugin VideoResize.class.php run localFile os command injection

CVE-2025-23116 | Ubiquiti UniFi Protect Application up to 5.2.48 improper authentication