MySQL instance with enabled native password support prone vulnerable for password brute-force attack.
MySQL is the de-facto standard database system for web sites with HUGE volumes of both data and end-users (like Facebook, Twitter, and Wikipedia). Another great thing about MySQL is that it can be scaled down to support embedded database applications.
Misconfigured MongoDB databases can cause many private data to be leaked by attackers.
Access restriction should be applied.