漏洞描述
Ray API 存在文件读取漏洞,可以读取任意文件
Ray API 文件读取漏洞
PoC代码
暂无相关漏洞推荐
- POC CVE-2024-25608: Liferay Portal - Open Redirect
- Anyscale Ray 未授权 代码注入漏洞
- (CVE-2025-4604)Liferay Portal和DXP版本验证码绕过导致远程代码执行漏洞
- POC CVE-2017-9288: WordPress Raygun4WP <=1.8.0 - Cross-Site Scripting
- POC CVE-2018-7314: Joomla! Component PrayerCenter 3.0.2 - SQL Injection
- POC CVE-2020-15415: DrayTek Vigor - Command Injection
- POC CVE-2020-7961: Liferay Portal Unauthenticated < 7.2.1 CE GA2 - Remote Code Execution
- POC CVE-2020-8515: DrayTek - Remote Code Execution
- POC CVE-2021-20123: Draytek VigorConnect 1.6.0-B - Local File Inclusion
- POC CVE-2021-20124: Draytek VigorConnect 6.0-B3 - Local File Inclusion
- POC CVE-2022-42118: Liferay Portal - Cross-site Scripting
- POC CVE-2023-48022: Anyscale Ray - Remote Code Execution
- POC CVE-2023-48023: Anyscale Ray 2.6.3 and 2.8.0 - Server-Side Request Forgery