🪜Directory Traversal
https://portswigger.net/web-security/file-path-traversal
What is Directory Traversal?
Is a web security vulnerability that allows an attacker to read arbitrary files and also might be able to write to arbitrary files on the server that is running an application.
What might include:
Application Code and Data
Credentials for back-end systems
Sensitive operating system files
Quick Example:
The application implements no defenses against directory traversal attacks, so an attacker can request the following URL to retrieve an arbitrary file from the server's filesystem:
Top 25 parameters
Look for this vulnerability, in these parameters.
Last updated