Vulnerability: Agentejo Cockpit < 0.11.2 - NoSQL Injection

Agentejo Cockpit before 0.11.2 allows NoSQL injection via the Controller/Auth.php check function. The $eq operator matches documents where the value of a field equals the specified value.

Impact

Successful exploitation of this vulnerability could lead to unauthorized access, data leakage, or data manipulation.

Severity

critical

Verified

Unknown