
dcodx/javascript-ecom-lab


JavaScript Damn Vuln Ecom application

This is a vulnerable Node.js and React application intended for educational purposes. It is a simple e-commerce application with a number of exploitable vulnerabilities, which are meant to teach developers how to write secure code and how to exploit vulnerabilities in code. Do not run it in production.

Pre-requisites

  1. Docker

Running the application

  1. Copy and rename the .env.example file to .env in both folders (client and server)
  2. Run docker-compose up --build

Vulnerabilities

  • SQL Injection
  • Cross-Site Scripting (XSS)
  • Server-Side Request Forgery (SSRF)
  • JWT Token Vulnerability
  • Path Traversal
  • Command Injection
  • XXE Injection
  • Insecure Direct Object Reference (IDOR)

About

Vulnerable NodeJS lab for the SCJS training
