Skip to main content

Mylittleadmin

2 CVEs product

Monthly

CVE-2020-13166 CRITICAL POC THREAT Emergency

The management tool in MyLittleAdmin 3.8 allows remote attackers to execute arbitrary code because machineKey is hardcoded (the same for all customers' installations) in web.config, and can be used. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE Authentication Bypass Mylittleadmin
NVD Exploit-DB
CVSS 3.1
9.8
EPSS
77.6%
CVE-2012-4015 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in the management screen in myLittleTools myLittleAdmin for SQL Server 2000 allows remote attackers to inject arbitrary web script or HTML via vectors that. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

XSS Mylittleadmin
NVD
CVSS 2.0
4.3
EPSS
0.2%
EPSS 78% CVSS 9.8
CRITICAL POC THREAT Emergency

The management tool in MyLittleAdmin 3.8 allows remote attackers to execute arbitrary code because machineKey is hardcoded (the same for all customers' installations) in web.config, and can be used. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE Authentication Bypass Mylittleadmin
NVD Exploit-DB
EPSS 0% CVSS 4.3
MEDIUM This Month

Cross-site scripting (XSS) vulnerability in the management screen in myLittleTools myLittleAdmin for SQL Server 2000 allows remote attackers to inject arbitrary web script or HTML via vectors that. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

XSS Mylittleadmin
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy