majidmc2/pwn2pine-challenge — reverse-engineered prompt

Build me a small Django web app called pwn2pine that people can run locally to learn basic web security in a safe practice environment.

I want it to feel like a simple training site with three separate hands on challenges. One challenge should demonstrate prototype pollution, one should demonstrate JSONP, and one should demonstrate server side template injection. Each challenge should be intentionally vulnerable for learning purposes, but the app should still be organized and easy to use so someone can open it in a browser and try things out without a lot of setup.

Please make the pages clear enough that a beginner security enthusiast or pentester can understand what each challenge is about and interact with it. A simple landing page that links to the three challenges would be great. Include whatever basic instructions are needed to run it locally with Python and start the development server. If anything is unclear, look up the current Django docs and fill in sensible defaults.