Skip to content
Simple PHP application to manage templates for pentest reports
Branch: master
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Type Name Latest commit message Commit time
Failed to load latest commit information.

VulnDB Docker

VulnDB is a simple PHP/JavaScript application to manage templates for pentest reports.

Web interface of VulnDB

Create templates with a title, an OWASP category and a description with consequences and recommendations, and copy it when you have to in your pentest report:

  • By design, VulnDB allow to create templates written in English and French.
  • The templates are organized by OWASP category and sorted alphabetically.
  • If the title of the template matches the OWASP label, it will be displayed first in the list and highlighted in light blue.
  • A search form is used to dynamically filter the list of templates displayed on the page.
  • The URL is automatically rewritten to share searches or a link to a particular template.
  • Data are stored in a single JSON file. You can export it when you want through the Web interface.

This VulnDB repository is design to work with Docker, but you can also host it on your server using the configuration file nginx.conf to help you.


You have to install docker and docker-compose (

$ git clone
$ cd VulnDB-Docker
$ chmod a+rw web-vulndb/log/{access,error}.log web-vulndb/data/vulndb.json 
$ docker-compose up -d



Web interface


This source code may be used under the terms of the GNU General Public License version 3.0 as published by the Free Software Foundation and appearing in the file LICENSE included in the packaging of this file. Please review the following information to ensure the GNU General Public License version 3.0 requirements will be met:

You can’t perform that action at this time.