Privacy Policy
This project stores sample/test data and intentionally includes vulnerabilities for educational use. Do not use with real user data.
Data Collection
VulneraShop is designed for security training and intentionally includes vulnerabilities that may expose data. Test data may be logged and exposed through debug endpoints — this is deliberate for training purposes. Never use real personal information.
Intentional Vulnerabilities
This application contains intentional security vulnerabilities including but not limited to: SQL injection, XSS, IDOR, authentication bypasses, and data exposure. These are features, not bugs, designed to teach security concepts.
Data Storage
All data stored in this application may be accessible through various vulnerability vectors. Passwords may be stored insecurely, session tokens may be predictable, and user data may be exposed through IDOR vulnerabilities. This is intentional for educational purposes.
Third-Party Services
This application does not integrate with real third-party services. Any payment processing, shipping, or external API calls are simulated for demonstration purposes only.
🚨 Critical Warning: This application intentionally violates privacy best practices. Do not use with real data. All information entered may be exposed through documented vulnerabilities.