Vulnerabilities > Mylittletools > Mylittleadmin > 3.8

DATE CVE VULNERABILITY TITLE RISK
2020-05-19 CVE-2020-13166 Use of Hard-coded Credentials vulnerability in Mylittletools Mylittleadmin 3.8
The management tool in MyLittleAdmin 3.8 allows remote attackers to execute arbitrary code because machineKey is hardcoded (the same for all customers' installations) in web.config, and can be used to send serialized ASP code.
network
low complexity
mylittletools CWE-798
critical
 9.8
9.8