A zero-day vulnerability in’phpMoAdmin is a free, open-source, written in PHP, AJAX-based MongoDB GUI (graphical user interface) administration tool that allows you to easily manage noSQL database MongoDB. The vulnerability is for sale on underground exploits forums and has already been verified by the market administrators that It Works! Users of MongoDB database are recommended to avoid using phpMoAdmin until the developer team releases a patch for the vulnerability. There is no patch yet available for thousands of vulnerable websites.
Source: https://thehackernews.com/2015/03/phpMoAdmin-mongoDB-exploit.html