README.md
Rendering markdown...
name: cve-2026-47100
services:
db-vuln:
image: mariadb:11.4
environment:
MARIADB_DATABASE: wordpress
MARIADB_USER: wordpress
MARIADB_PASSWORD: wordpress
MARIADB_ROOT_PASSWORD: rootpass
volumes:
- db_vuln:/var/lib/mysql
networks: [lab]
healthcheck:
test: ["CMD", "healthcheck.sh", "--connect", "--innodb_initialized"]
interval: 10s
timeout: 5s
retries: 10
db-patched:
image: mariadb:11.4
environment:
MARIADB_DATABASE: wordpress
MARIADB_USER: wordpress
MARIADB_PASSWORD: wordpress
MARIADB_ROOT_PASSWORD: rootpass
volumes:
- db_patched:/var/lib/mysql
networks: [lab]
healthcheck:
test: ["CMD", "healthcheck.sh", "--connect", "--innodb_initialized"]
interval: 10s
timeout: 5s
retries: 10
vuln:
build:
context: .
dockerfile: vuln/Dockerfile
depends_on:
db-vuln:
condition: service_healthy
environment:
WORDPRESS_DB_HOST: db-vuln:3306
WORDPRESS_DB_USER: wordpress
WORDPRESS_DB_PASSWORD: wordpress
WORDPRESS_DB_NAME: wordpress
LAB_VARIANT: vuln
FUNNEL_BUILDER_VERSION: 3.15.0.2
WORDPRESS_URL: http://localhost:8081
WORDPRESS_TITLE: CVE-2026-47100 Vulnerable
WORDPRESS_ADMIN_USER: admin
WORDPRESS_ADMIN_PASSWORD: adminpass
WORDPRESS_ADMIN_EMAIL: [email protected]
ports:
- "127.0.0.1:8081:80"
volumes:
- wp_vuln:/var/www/html
- ./scripts:/lab/scripts:ro
networks: [lab]
healthcheck:
test: ["CMD-SHELL", "curl -fsS http://localhost/wp-login.php >/dev/null || exit 1"]
interval: 10s
timeout: 5s
retries: 20
patched:
build:
context: .
dockerfile: patched/Dockerfile
depends_on:
db-patched:
condition: service_healthy
environment:
WORDPRESS_DB_HOST: db-patched:3306
WORDPRESS_DB_USER: wordpress
WORDPRESS_DB_PASSWORD: wordpress
WORDPRESS_DB_NAME: wordpress
LAB_VARIANT: patched
FUNNEL_BUILDER_VERSION: 3.15.0.3
WORDPRESS_URL: http://localhost:8082
WORDPRESS_TITLE: CVE-2026-47100 Patched
WORDPRESS_ADMIN_USER: admin
WORDPRESS_ADMIN_PASSWORD: adminpass
WORDPRESS_ADMIN_EMAIL: [email protected]
ports:
- "127.0.0.1:8082:80"
volumes:
- wp_patched:/var/www/html
- ./scripts:/lab/scripts:ro
networks: [lab]
healthcheck:
test: ["CMD-SHELL", "curl -fsS http://localhost/wp-login.php >/dev/null || exit 1"]
interval: 10s
timeout: 5s
retries: 20
init-vuln:
build:
context: .
dockerfile: vuln/Dockerfile
depends_on:
vuln:
condition: service_healthy
user: "33:33"
environment:
WORDPRESS_DB_HOST: db-vuln:3306
WORDPRESS_DB_USER: wordpress
WORDPRESS_DB_PASSWORD: wordpress
WORDPRESS_DB_NAME: wordpress
LAB_VARIANT: vuln
FUNNEL_BUILDER_VERSION: 3.15.0.2
WORDPRESS_URL: http://localhost:8081
WORDPRESS_TITLE: CVE-2026-47100 Vulnerable
WORDPRESS_ADMIN_USER: admin
WORDPRESS_ADMIN_PASSWORD: adminpass
WORDPRESS_ADMIN_EMAIL: [email protected]
volumes:
- wp_vuln:/var/www/html
- ./scripts:/lab/scripts:ro
networks: [lab]
entrypoint: ["bash", "/lab/scripts/init-wordpress.sh"]
restart: "no"
init-patched:
build:
context: .
dockerfile: patched/Dockerfile
depends_on:
patched:
condition: service_healthy
user: "33:33"
environment:
WORDPRESS_DB_HOST: db-patched:3306
WORDPRESS_DB_USER: wordpress
WORDPRESS_DB_PASSWORD: wordpress
WORDPRESS_DB_NAME: wordpress
LAB_VARIANT: patched
FUNNEL_BUILDER_VERSION: 3.15.0.3
WORDPRESS_URL: http://localhost:8082
WORDPRESS_TITLE: CVE-2026-47100 Patched
WORDPRESS_ADMIN_USER: admin
WORDPRESS_ADMIN_PASSWORD: adminpass
WORDPRESS_ADMIN_EMAIL: [email protected]
volumes:
- wp_patched:/var/www/html
- ./scripts:/lab/scripts:ro
networks: [lab]
entrypoint: ["bash", "/lab/scripts/init-wordpress.sh"]
restart: "no"
networks:
lab:
driver: bridge
volumes:
db_vuln:
db_patched:
wp_vuln:
wp_patched: