Vulhub
Vulhub is an open-source collection of pre-built vulnerable docker environments for security researchers and educators.
# Clone the repository
git clone --depth 1 https://github.com/vulhub/vulhub.git
# Enter the directory
cd vulhub/spring/CVE-2022-22947
# Start the environment
docker compose up -dWhy Use Vulhub?
Docker Based
All environments are built with Docker and Docker Compose, making them easy to deploy and isolate.
Real Vulnerabilities
Practice with real-world vulnerabilities in a safe, controlled environment for learning and research.
Well Documented
Each vulnerability comes with detailed documentation explaining the vulnerability and exploitation steps.
Latest Environments
View all environmentsDataEase Authentication Bypass via Whitelist Path Traversal
Explore the DataEase Authentication Bypass via Whitelist Path Traversal vulnerability and learn how to exploit it.
DataEase H2 JDBC Remote Code Execution
Explore the DataEase H2 JDBC Remote Code Execution vulnerability and learn how to exploit it.
DataEase JWT Authentication Bypass
Explore the DataEase JWT Authentication Bypass vulnerability and learn how to exploit it.
Apache Linkis MySQL JDBC Datasource Deserialization Remote Code Execution
Explore the Apache Linkis MySQL JDBC Datasource Deserialization Remote Code Execution vulnerability and learn how to exploit it.
Tomcat Tribes EncryptInterceptor Bypass Remote Code Execution
Explore the Tomcat Tribes EncryptInterceptor Bypass Remote Code Execution vulnerability and learn how to exploit it.
Vite Development Server Arbitrary File Read via Hash Character Bypass
Explore the Vite Development Server Arbitrary File Read via Hash Character Bypass vulnerability and learn how to exploit it.
Ready to start your security research?
Explore our collection of vulnerable environments and enhance your security skills today.