## https://sploitus.com/exploit?id=8AF0492B-0418-5FC6-821D-67A50D652EAA
# CVE-2025-54068 - Livewire (v3.6.3) Vulnerable Lab
This folder builds a minimal Laravel + Livewire v3 application pinned to **Livewire 3.6.3** (vulnerable) for reproducing **CVE-2025-54068**.
The mounted component is intentionally written to be compatible with the public exploit chain (it allows the stage-1 cast-to-array step).
## Quickstart
```bash
docker compose up -d --build
```
Open:
- `http://localhost:18081/`
## Validate (safe PoC)
This runs a two-step request sequence similar to public exploit chains, but uses an **in-band marker** (`echo`) as a safe proof.
```bash
python3 scripts/poc.py http://localhost:18081/
```
## Cleanup
```bash
docker compose down -v
```