Vulhub
Vulhub is an open-source collection of pre-built vulnerable docker environments for security researchers and educators.
# Clone the repository
git clone --depth 1 https://github.com/vulhub/vulhub.git
# Enter the directory
cd vulhub/spring/CVE-2022-22947
# Start the environment
docker compose up -dWhy Use Vulhub?
Docker Based
All environments are built with Docker and Docker Compose, making them easy to deploy and isolate.
Real Vulnerabilities
Practice with real-world vulnerabilities in a safe, controlled environment for learning and research.
Well Documented
Each vulnerability comes with detailed documentation explaining the vulnerability and exploitation steps.
Latest Environments
View all environmentsComfyUI-Manager CRLF Injection in Configuration Handler
Explore the ComfyUI-Manager CRLF Injection in Configuration Handler vulnerability and learn how to exploit it.
JetBrains TeamCity Authentication Bypass
Explore the JetBrains TeamCity Authentication Bypass vulnerability and learn how to exploit it.
Budibase Authentication Bypass via Webhook Query Parameter
Explore the Budibase Authentication Bypass via Webhook Query Parameter vulnerability and learn how to exploit it.
ownCloud graphapi Information Disclosure
Explore the ownCloud graphapi Information Disclosure vulnerability and learn how to exploit it.
Chartbrew MongoDB Dataset Query Remote Code Execution
Explore the Chartbrew MongoDB Dataset Query Remote Code Execution vulnerability and learn how to exploit it.
Nginx UI Unauthenticated Backup Download with Encryption Key Disclosure
Explore the Nginx UI Unauthenticated Backup Download with Encryption Key Disclosure vulnerability and learn how to exploit it.
Ready to start your security research?
Explore our collection of vulnerable environments and enhance your security skills today.