We all know that SQL injection (SQLi) is a thing. But it may surprise quite a few people that similar injection techniques are possible when the underlying database is a NoSQL database.
In this post, I’ll show a simple way of exploiting such a NoSQL injection in two ways.
Continue reading NoSQL injection in MongoDB
steps0x29a 