postgresql-cve-exploitation

Practical PostgreSQL CVE exploitation labs with documentation (ESP/ENG/RUS)

PostgreSQL CVE Exploitation

This repository contains hands-on labs demonstrating the exploitation of critical PostgreSQL vulnerabilities using containerized environments. Each lab includes detailed documentation covering setup, exploitation steps, results, and mitigation recommendations.

CVEs Covered

CVE ID	PostgreSQL Version	Description
CVE-2007-6601	8.2.5	Cross-database access via `dblink`
CVE-2018-10915	10.4	Unauthorized access with potential privilege escalation
CVE-2022-1552	14.2	Metadata exposure through the `amcheck` extension

Tools & Environment

Docker & Docker Compose
PostgreSQL vulnerable builds via pg_cve_demo
Bash / PSQL CLI
Markdown technical reporting

Structure

Each directory contains:

exploit_steps_bilingual.md: Full walkthrough
Screenshots

Author

Bruno Paolo Huamán Vela
Cybersecurity student at Ural Federal University (UrFU)
Specialization: Information Security in Telecommunication Systems

Name		Name	Last commit message	Last commit date
Latest commit History 17 Commits
CVE-2007-6601		CVE-2007-6601
CVE-2018-10915		CVE-2018-10915
CVE-2022-1552		CVE-2022-1552
README.md		README.md

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Repository files navigation

postgresql-cve-exploitation

PostgreSQL CVE Exploitation

CVEs Covered

Tools & Environment

Structure

Author

About

Uh oh!

Releases

Packages

brunoh6/postgresql-cve-exploitation

Folders and files

Latest commit

History

Repository files navigation

postgresql-cve-exploitation

PostgreSQL CVE Exploitation

CVEs Covered

Tools & Environment

Structure

Author

About

Resources

Uh oh!

Stars

Watchers

Forks

Releases

Packages 0

Packages