CVE-2020-13166

2020-05-19T20:15:00
ID CVE-2020-13166
Type cve
Reporter cve@mitre.org
Modified 2020-05-22T21:15:00

Description

The management tool in MyLittleAdmin 3.8 allows remote attackers to execute arbitrary code because machineKey is hardcoded (the same for all customers' installations) in web.config, and can be used to send serialized ASP code.