Vulnerabilities > Mylittletools

DATE	CVE	VULNERABILITY TITLE	RISK
2021-09-15	CVE-2021-39392	Deserialization of Untrusted Data vulnerability in Mylittletools Mylittlebackup 1.7 The management tool in MyLittleBackup up to and including 1.7 allows remote attackers to execute arbitrary code because machineKey is hardcoded (the same for all customers' installations) in web.config, and can be used to send serialized ASP code. network low complexity mylittletools CWE-502 critical	9.8
2020-05-19	CVE-2020-13166	Use of Hard-coded Credentials vulnerability in Mylittletools Mylittleadmin 3.8 The management tool in MyLittleAdmin 3.8 allows remote attackers to execute arbitrary code because machineKey is hardcoded (the same for all customers' installations) in web.config, and can be used to send serialized ASP code. network low complexity mylittletools CWE-798 critical	9.8

Vulnerabilities > Mylittletools {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Mylittletools"}]}