Vulhub
Vulhub is an open-source collection of pre-built vulnerable docker environments for security researchers and educators.
# Clone the repository
git clone --depth 1 https://github.com/vulhub/vulhub.git
# Enter the directory
cd vulhub/spring/CVE-2022-22947
# Start the environment
docker compose up -dWhy Use Vulhub?
Docker Based
All environments are built with Docker and Docker Compose, making them easy to deploy and isolate.
Real Vulnerabilities
Practice with real-world vulnerabilities in a safe, controlled environment for learning and research.
Well Documented
Each vulnerability comes with detailed documentation explaining the vulnerability and exploitation steps.
Latest Environments
View all environmentspgAdmin4 <= 9.10 Database Restore Tool Command Injection
Explore the pgAdmin4 <= 9.10 Database Restore Tool Command Injection vulnerability and learn how to exploit it.
React Server Components Flight Protocol Deserialization RCE
Explore the React Server Components Flight Protocol Deserialization RCE vulnerability and learn how to exploit it.
pgAdmin4 <= 9.1 Authenticated Remote Code Execution
Explore the pgAdmin4 <= 9.1 Authenticated Remote Code Execution vulnerability and learn how to exploit it.
1Panel Control Panel PostAuth SQL Injection
Explore the 1Panel Control Panel PostAuth SQL Injection vulnerability and learn how to exploit it.
aiohttp Directory Traversal Vulnerability
Explore the aiohttp Directory Traversal Vulnerability vulnerability and learn how to exploit it.
Apache CXF Aegis DataBinding Server-Side Request Forgery
Explore the Apache CXF Aegis DataBinding Server-Side Request Forgery vulnerability and learn how to exploit it.
Ready to start your security research?
Explore our collection of vulnerable environments and enhance your security skills today.