phpMoAdmin remote code execution

Description
  • phpMoAdmin is a MongoDB administration tool for PHP. A remote code execution vulnerability was reported in this web application. Also, this application is not designed to be publicly accessible and doesn't have any type of authorization so anybody can remotely view and modify your MongoDB databases.
Remediation
  • Restrict access to the moadmin.php file. This application is not designed to be publicly accessible.
References