Path Traversal

A path traversal vulnerability is a security flaw that allows an attacker to access files or directories outside the intended location on a server.

It happens when an application uses user input to build file paths without properly validating or restricting it.

Path traversal is also called directory traversal.

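<?php

    // Vulnerable: the 'file' query parameter is taken as-is from the request.
    $file = $_GET['file'];
    // It is concatenated into the include path without validation,
    // so "../" sequences can point outside the pages/ directory.
    include('pages/' . $file);

?>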
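
A hardened counterpart to the include above, as an added example that is not part of the original page. It assumes pages are `.php` files stored in a `pages` directory next to the script; the function name `resolve_page` is hypothetical.

```php
<?php
// Added example (not from the original page).
// Assumption: pages are "<name>.php" files inside ./pages.

/**
 * Resolve a user-supplied page name to a file inside $baseDir.
 * Returns the canonical path, or null if the request must be rejected.
 */
function resolve_page(string $baseDir, string $name): ?string
{
    // Allow-list: a single file-name component, no separators, dots or NUL bytes.
    if (!preg_match('/\A[A-Za-z0-9_-]+\z/', $name)) {
        return null;
    }

    $base = realpath($baseDir);
    if ($base === false) {
        return null; // base directory does not exist
    }

    // realpath() resolves "..", "." and symlinks; it returns false if the file is missing.
    $path = realpath($base . DIRECTORY_SEPARATOR . $name . '.php');
    if ($path === false || !is_file($path)) {
        return null;
    }

    // Containment check (defense in depth, e.g. against a symlink inside pages/):
    // the canonical path must start with "<base>/". The trailing separator
    // stops a sibling such as "pages_private" from matching "pages".
    $prefix = $base . DIRECTORY_SEPARATOR;
    if (strncmp($path, $prefix, strlen($prefix)) !== 0) {
        return null;
    }

    return $path;
}

// Query parameters can be arrays (?file[]=x), so require a string first.
$name = $_GET['file'] ?? '';
$page = is_string($name) ? resolve_page(__DIR__ . '/pages', $name) : null;

if ($page === null) {
    http_response_code(404);
    exit('Page not found');
}

include $page;
```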

Documentation

See also Path traversal and How to prevent exploitation of Path Traversal vulnerabilities.

Related: Vulnerability, Attack, Leak, Static Application Security Testing (SAST)