Vulnerable Environments
Browse our collection of pre-built vulnerable environments for security research and education. Each environment is containerized with Docker and comes with detailed documentation.
Auth Bypass
Apache Superset Hardcoded JWT Secret Key Leads to Authentication Bypass
Explore the Apache Superset Hardcoded JWT Secret Key Leads to Authentication Bypass vulnerability and learn how to exploit it.
Next.js Middleware Authorization Bypass
Explore the Next.js Middleware Authorization Bypass vulnerability and learn how to exploit it.
Apache HugeGraph JWT Token Secret Hardcoding Leads to Authentication Bypass
Explore the Apache HugeGraph JWT Token Secret Hardcoding Leads to Authentication Bypass vulnerability and learn how to exploit it.
Apache OFBiz Authentication Bypass Leads to RCE
Explore the Apache OFBiz Authentication Bypass Leads to RCE vulnerability and learn how to exploit it.
CMS
CraftCMS ConditionsController Pre-Auth Remote Code Execution
Explore the CraftCMS ConditionsController Pre-Auth Remote Code Execution vulnerability and learn how to exploit it.
CraftCMS register_argc_argv Leads to Remote Code Execution
Explore the CraftCMS register_argc_argv Leads to Remote Code Execution vulnerability and learn how to exploit it.
Joomla 4.2.7 Permission Bypass
Explore the Joomla 4.2.7 Permission Bypass vulnerability and learn how to exploit it.
ECShop 4.x collection_list SQL Injection
Explore the ECShop 4.x collection_list SQL Injection vulnerability and learn how to exploit it.
Database
Adminer Server-side Request Forgery on Error Page of Elasticsearch and ClickHouse
Explore the Adminer Server-side Request Forgery on Error Page of Elasticsearch and ClickHouse vulnerability and learn how to exploit it.
CouchDB Erlang Distributed Protocol Code Execution
Explore the CouchDB Erlang Distributed Protocol Code Execution vulnerability and learn how to exploit it.
Redis Lua Sandbox Bypass Command Execution
Explore the Redis Lua Sandbox Bypass Command Execution vulnerability and learn how to exploit it.
H2 Database Console Unauthorized Access
Explore the H2 Database Console Unauthorized Access vulnerability and learn how to exploit it.
Deserialization
Apache Superset Python Pickle Deserialization Leads to RCE
Explore the Apache Superset Python Pickle Deserialization Leads to RCE vulnerability and learn how to exploit it.
Tomcat Session Deserialization Remote Code Execution
Explore the Tomcat Session Deserialization Remote Code Execution vulnerability and learn how to exploit it.
Apache HertzBeat SnakeYaml Deserialization Remote Code Execution
Explore the Apache HertzBeat SnakeYaml Deserialization Remote Code Execution vulnerability and learn how to exploit it.
Adobe ColdFusion XML Deserialization Leads to RCE
Explore the Adobe ColdFusion XML Deserialization Leads to RCE vulnerability and learn how to exploit it.
Environment Injection
CGI Application Environment Variable Injection by HTTPoxy
Explore the CGI Application Environment Variable Injection by HTTPoxy vulnerability and learn how to exploit it.
GoAhead Web Server Environment Variables Injection and `LD_PRELOAD` Remote Code Execution
Explore the GoAhead Web Server Environment Variables Injection and `LD_PRELOAD` Remote Code Execution vulnerability and learn how to exploit it.
Expression Injection
GeoServer Unauthenticated Remote Code Execution in Evaluating Property Name Expressions
Explore the GeoServer Unauthenticated Remote Code Execution in Evaluating Property Name Expressions vulnerability and learn how to exploit it.
Atlassian Confluence Pre-Auth Remote Code Execution via OGNL Injection
Explore the Atlassian Confluence Pre-Auth Remote Code Execution via OGNL Injection vulnerability and learn how to exploit it.
Spring Cloud Function SpEL Expression Command Injection
Explore the Spring Cloud Function SpEL Expression Command Injection vulnerability and learn how to exploit it.
File Upload
Apache RocketMQ NameServer Arbitrary File Write
Explore the Apache RocketMQ NameServer Arbitrary File Write vulnerability and learn how to exploit it.
SaltStack Arbitrary File Read and Write
Explore the SaltStack Arbitrary File Read and Write vulnerability and learn how to exploit it.
Drupal Cross-Site Scripting by File Upload
Explore the Drupal Cross-Site Scripting by File Upload vulnerability and learn how to exploit it.
WebLogic Arbitrary File Upload
Explore the WebLogic Arbitrary File Upload vulnerability and learn how to exploit it.
Framework
Next.js Middleware Authorization Bypass
Explore the Next.js Middleware Authorization Bypass vulnerability and learn how to exploit it.
Struts2 S2-067 Upload Path Traversal
Explore the Struts2 S2-067 Upload Path Traversal vulnerability and learn how to exploit it.
Struts2 S2-066 Upload Path Traversal
Explore the Struts2 S2-066 Upload Path Traversal vulnerability and learn how to exploit it.
Spring Security Authorization Bypass in RegexRequestMatcher
Explore the Spring Security Authorization Bypass in RegexRequestMatcher vulnerability and learn how to exploit it.
Hard Coding
Apache Superset Hardcoded JWT Secret Key Leads to Authentication Bypass
Explore the Apache Superset Hardcoded JWT Secret Key Leads to Authentication Bypass vulnerability and learn how to exploit it.
Apache HugeGraph JWT Token Secret Hardcoding Leads to Authentication Bypass
Explore the Apache HugeGraph JWT Token Secret Hardcoding Leads to Authentication Bypass vulnerability and learn how to exploit it.
InfluxDB Empty JWT Secret Key Authentication Bypass
Explore the InfluxDB Empty JWT Secret Key Authentication Bypass vulnerability and learn how to exploit it.
Apache APISIX Hardcoded API Token Leads to RCE
Explore the Apache APISIX Hardcoded API Token Leads to RCE vulnerability and learn how to exploit it.
Info Disclosure
MinIO Cluster Mode Information Disclosure
Explore the MinIO Cluster Mode Information Disclosure vulnerability and learn how to exploit it.
OpenSSL Heartbleed Memory Leak Leads to Information Disclosure
Explore the OpenSSL Heartbleed Memory Leak Leads to Information Disclosure vulnerability and learn how to exploit it.
Jetty WEB-INF Sensitive Information Disclosure
Explore the Jetty WEB-INF Sensitive Information Disclosure vulnerability and learn how to exploit it.
Message Queue
Apache RocketMQ NameServer Arbitrary File Write
Explore the Apache RocketMQ NameServer Arbitrary File Write vulnerability and learn how to exploit it.
Apache ActiveMQ Jolokia Authenticated Remote Code Execution
Explore the Apache ActiveMQ Jolokia Authenticated Remote Code Execution vulnerability and learn how to exploit it.
Apache ActiveMQ OpenWire Protocol Deserialization RCE
Explore the Apache ActiveMQ OpenWire Protocol Deserialization RCE vulnerability and learn how to exploit it.
Apache RocketMQ Broker Remote Command Execution
Explore the Apache RocketMQ Broker Remote Command Execution vulnerability and learn how to exploit it.
Path Traversal
Vite Development Server Arbitrary File Read
Explore the Vite Development Server Arbitrary File Read vulnerability and learn how to exploit it.
Vite Development Server Arbitrary File Read Bypass
Explore the Vite Development Server Arbitrary File Read Bypass vulnerability and learn how to exploit it.
GlassFish 4.1.0 Arbitrary File Read
Explore the GlassFish 4.1.0 Arbitrary File Read vulnerability and learn how to exploit it.
FFmpeg AVI Arbitrary File Read
Explore the FFmpeg AVI Arbitrary File Read vulnerability and learn how to exploit it.
Privilege Escalation
V2board 1.6.1 Privilege Escalation
Explore the V2board 1.6.1 Privilege Escalation vulnerability and learn how to exploit it.
Polkit pkexec Privilege Escalation
Explore the Polkit pkexec Privilege Escalation vulnerability and learn how to exploit it.
SaltStack Information Disclosure Leads to Privilege Escalation
Explore the SaltStack Information Disclosure Leads to Privilege Escalation vulnerability and learn how to exploit it.
PostgreSQL Privilege Escalation
Explore the PostgreSQL Privilege Escalation vulnerability and learn how to exploit it.
RCE
CraftCMS ConditionsController Pre-Auth Remote Code Execution
Explore the CraftCMS ConditionsController Pre-Auth Remote Code Execution vulnerability and learn how to exploit it.
Cacti RRDTool Post-Auth Argument Injection Leads to RCE
Explore the Cacti RRDTool Post-Auth Argument Injection Leads to RCE vulnerability and learn how to exploit it.
Cacti graph_view.php SQL Injection Leads to RCE
Explore the Cacti graph_view.php SQL Injection Leads to RCE vulnerability and learn how to exploit it.
ImageMagick Imagetragick Command Injection
Explore the ImageMagick Imagetragick Command Injection vulnerability and learn how to exploit it.
SQL Injection
Cacti graph_view.php SQL Injection Leads to RCE
Explore the Cacti graph_view.php SQL Injection Leads to RCE vulnerability and learn how to exploit it.
ShowDoc 3.2.5 SQL Injection
Explore the ShowDoc 3.2.5 SQL Injection vulnerability and learn how to exploit it.
MeterSphere v1.15.4 Authenticated SQL Injection
Explore the MeterSphere v1.15.4 Authenticated SQL Injection vulnerability and learn how to exploit it.
CMS Made Simple (CMSMS) < 2.2.10 Unauthenticated SQL Injection
Explore the CMS Made Simple (CMSMS) < 2.2.10 Unauthenticated SQL Injection vulnerability and learn how to exploit it.
SSRF
GeoServer Unauthenticated Server-Side Request Forgery
Explore the GeoServer Unauthenticated Server-Side Request Forgery vulnerability and learn how to exploit it.
Apache OFBiz SSRF and Remote Code Execution
Explore the Apache OFBiz SSRF and Remote Code Execution vulnerability and learn how to exploit it.
Adminer Server-side Request Forgery on Error Page of Elasticsearch and ClickHouse
Explore the Adminer Server-side Request Forgery on Error Page of Elasticsearch and ClickHouse vulnerability and learn how to exploit it.
Grafana Management Background SSRF
Explore the Grafana Management Background SSRF vulnerability and learn how to exploit it.
SSTI
JeecgBoot JimuReport FreeMarker Server Side Template Injection RCE
Explore the JeecgBoot JimuReport FreeMarker Server Side Template Injection RCE vulnerability and learn how to exploit it.
Atlassian Jira Template Injection
Explore the Atlassian Jira Template Injection vulnerability and learn how to exploit it.
Flask (Jinja2) Server-Side Template Injection
Explore the Flask (Jinja2) Server-Side Template Injection vulnerability and learn how to exploit it.
Webserver
Tomcat Session Deserialization Remote Code Execution
Explore the Tomcat Session Deserialization Remote Code Execution vulnerability and learn how to exploit it.
GlassFish 4.1.0 Arbitrary File Read
Explore the GlassFish 4.1.0 Arbitrary File Read vulnerability and learn how to exploit it.
Adobe ColdFusion XML Deserialization Leads to RCE
Explore the Adobe ColdFusion XML Deserialization Leads to RCE vulnerability and learn how to exploit it.
Adobe ColdFusion Local File Inclusion Leads to RCE
Explore the Adobe ColdFusion Local File Inclusion Leads to RCE vulnerability and learn how to exploit it.
XSS
Drupal Cross-Site Scripting by File Upload
Explore the Drupal Cross-Site Scripting by File Upload vulnerability and learn how to exploit it.
Django 500 Debug Page Cross-Site Scripting (XSS)
Explore the Django 500 Debug Page Cross-Site Scripting (XSS) vulnerability and learn how to exploit it.
XXE
PHP XML External Entity Injection (XXE)
Explore the PHP XML External Entity Injection (XXE) vulnerability and learn how to exploit it.
Apache Solr XML External Entity Injection
Explore the Apache Solr XML External Entity Injection vulnerability and learn how to exploit it.