“Defend the Web” write-up (Intro 4— path traversal vulnerability)

By Netsparker

The goal of a path traversal attack (commonly referred to as directory traversal) is to get access to files and directories stored outside of the web root folder. It may be possible to access arbitrary files and directories contained on the file system, including application source code or configuration, by manipulating variables that reference files with “dot-dot-slash (../)”…