CVE-2020-21994
AVE DOMINAplus <=1.10.x suffers from clear-text credentials disclosure vulnerability that allows an unauthenticated attacker to issue a request to an unprotected directory that hosts an XML file '/xml/authClients.xml' and obtain administrative login information that allows for a successful authentication bypass attack. Date published : 2021-04-28 https://www.exploit-db.com/exploits/47819
https://www.zeroscience.mk/en/vulnerabilities/ZSL-2019-5550.php