Description
This web application is vulnerable to MongoDB Injection attacks.
There are various types of attacks against MongoDB databases. Consult web references for more information about this vulnerability.
1) Operation Injection Attacks
If you are passing $_GET parameters to your queries, make sure that they are cast to strings first. Users can insert associative arrays in GET requests, which could then become unwanted $-queries.
2) Script Injection Attacks
If you are using JavaScript, make sure that any variables that cross the PHP-to-JavaScript boundary are passed in the scope field of MongoCode, not interpolated into the JavaScript string.
Remediation
If you are passing $_GET/$_POST parameters to your queries, make sure that they are cast to strings first. If you are using JavaScript, make sure that any variables that cross the PHP-to-JavaScript boundary are passed in the scope field of MongoCode, not interpolated into the JavaScript string.
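As an added example that is not part of the original advisory, the PHP below shows both points: how PHP's query-string parsing turns a parameter such as password[$ne]=x into an operator inside the filter, how a string check before the query prevents it, and how a value is handed to server-side JavaScript through the scope field instead of string interpolation. The request string is constructed, and the use of MongoDB\BSON\Javascript (the modern driver's equivalent of the legacy MongoCode class) is an assumption.

```php
<?php
declare(strict_types=1);

/** Unsafe: the raw request value (string OR array) lands in the query filter. */
function unsafeFilter(array $get): array
{
    return [
        'username' => $get['username'] ?? '',
        'password' => $get['password'] ?? '',
    ];
}

/** Accept only scalar strings, as the remediation recommends; anything else is rejected. */
function asString(mixed $value): string
{
    if (!is_string($value)) {
        // An associative array such as password[$ne]=x never reaches the query.
        throw new InvalidArgumentException('expected a scalar string parameter');
    }
    return (string) $value;
}

function safeFilter(array $get): array
{
    return [
        'username' => asString($get['username'] ?? ''),
        'password' => asString($get['password'] ?? ''),
    ];
}

// Constructed request: what PHP builds for ?username=admin&password[$ne]=x
parse_str('username=admin&password[$ne]=x', $get);

var_dump(unsafeFilter($get));
// 'password' => ['$ne' => 'x']: the filter now matches admin with ANY password other than "x"

try {
    var_dump(safeFilter($get));
} catch (InvalidArgumentException $e) {
    echo 'rejected: ', $e->getMessage(), PHP_EOL; // the array value is refused
}

// Script side: never splice the value into the JavaScript source text.
$name = asString($get['username']);
$unsafeJs = "function() { return this.name == '" . $name . "'; }"; // a quote in $name rewrites the code
if (class_exists(MongoDB\BSON\Javascript::class)) {
    // Assumed modern-driver equivalent of new MongoCode($js, ['name' => $name]):
    // the value travels as data in the scope, not as code.
    $safeJs = new MongoDB\BSON\Javascript('function() { return this.name == name; }', ['name' => $name]);
}
```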