Vulnerabilities > Mylittletools > Mylittleadmin > 3.8

DATE	CVE	VULNERABILITY TITLE	RISK
2020-05-19	CVE-2020-13166	Use of Hard-coded Credentials vulnerability in Mylittletools Mylittleadmin 3.8 The management tool in MyLittleAdmin 3.8 allows remote attackers to execute arbitrary code because machineKey is hardcoded (the same for all customers' installations) in web.config, and can be used to send serialized ASP code. network low complexity mylittletools CWE-798	7.5

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.