NoSQL injection here on MongoDB. Just a bit of google to found out https://www.idontplaydarts.com/2010/07/mongodb-is-vulnerable-to-sql-injection-in-php-at-least/ where the solution is kinda written in plain.

Payload was this: http://176.9.193.6/challenges_x/final/lph/blog.php?id[$ne]=1 that show us all article in the database except the one that has id=1. The SQL equivalent is: “select * from users where id!=1”.

Razor4x