nosqli-example

there is 2 vulnerabilities

nosqli in index.vuln.js line 24

const Vulnerability1 = (req, res) => {
    let query = { 
        username: req.body.username,
        password: req.body.password 
    }

    User.find(query, function (err, user) {
        if (err) {
            // handle error
        } else {
            if (user.length >= 1) {
                res.json({role: user[0].role, username: user[0].username, msg: "Correct!" });
            }
        }
    });
}

nosqli in index.vuln.js line 37

const Vulnerability2 = (req, res) => {

    User.find({ 
        username: req.body.username,
        password: req.body.password 
    }, function (err, user) {
        if (err) {
            // handle error
        } else {
            if (user.length >= 1) {
                res.json({role: user[0].role, username: user[0].username, msg: "Correct!" });
            }
        }
    });
}

Name		Name	Last commit message	Last commit date
Latest commit History 1 Commit
models		models
.gitignore		.gitignore
README.md		README.md
index.safe.js		index.safe.js
index.vuln.js		index.vuln.js
package-lock.json		package-lock.json
package.json		package.json

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

nosqli-example

there is 2 vulnerabilities

About

Uh oh!

Releases

Packages

Uh oh!

Uh oh!

Contributors

Uh oh!

Languages

Folders and files

Latest commit

History

Repository files navigation

nosqli-example

there is 2 vulnerabilities

About

Resources

Uh oh!

Stars

Watchers

Forks

Releases

Packages 0

Uh oh!

Uh oh!

Contributors

Uh oh!

Languages

Packages