Jump to navigation Jump to search
CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Directory traversal or path traversal attack consists of exploiting improper navigation controls in a web application to browse pages, files and directories that are not explicit in the application (e.g. by including ../../../etc/password).
|Consequences||Code execution, Data loss, Denial of service|
|Ease of Detection||Easy|