-
Injection into MongoDB
-
Is this something that's been thought of yet? Maybe sanitising all query and params on the way in. May need discussion.
- Wanted XS scripts
- Wanted JS data
- Special characters
-
## Contributor wanted
This issue is [easy](https://github.com/andresriancho/w3af/issues?q=is%3Aopen+is%3Aissue+label%3Aeasy) and looking for a contributor, just add a comment saying you'll do it's yo…
-
What do we think about providing an actual example for the classic NoSQL injection with MongoDB, as is demonstrated and documented in the tutorial?
Screenshot from A1 - Injection tutorial:
> !…
-
**MongoDB_NoSQL_Injection** issue exists @ **server/server.js** in branch **main**
*The application relies on user inputs provided in complete in server\server.js at line 49 to construct a raw Mong…
-
There are a few vulnerabilities and repetitions in your code that I can help resolve. Here's my approach:
1. Your application does not follow the "Thin controller fat model" approach. To resolve th…
-
## Problem Statement:
### Rate Limiting
Without rate limiting, the server is vulnerable to abuse, such as brute-force attacks, by allowing a single user or IP address to send a large number of req…
-
### Is your feature request related to a problem? Please describe.
## Problem Statement:
### Rate Limiting
Without rate limiting, the server is vulnerable to abuse, such as brute-force attacks, b…
-
Reference: https://www.owasp.org/index.php/Testing_for_NoSQL_injection
Try to break the following rules via NoSQL injection:
- orgAdminA can only LIST stuff which is specific to orgA
- orgAdminB can …
-
### Describe the bug
"NoSQL Injection - MongoDB" high alert showing in report but we are not using MongoDB
### Steps to reproduce the behavior
"NoSQL Injection - MongoDB" high alert showing in repo…