-
1. Path Traversal | OWASP Foundation
Link: https://owasp.org/www-community/attacks/Path_Traversal
Description: WEBA path traversal attack (also known as directory traversal) aims to access files and directories that are stored outside the web root folder.
-
2. What is path traversal, and how to prevent it? - PortSwigger
Link: https://portswigger.net/web-security/file-path-traversal
Description: WEBPath traversal is also known as directory traversal. These vulnerabilities enable an attacker to read arbitrary files on the server that is running an application. This might include: Application code and data. Credentials for …
-
3. What is a Directory Traversal Attack? - Acunetix
Link: https://www.acunetix.com/websitesecurity/directory-traversal/
Description: WEBWhat is a Directory Traversal attack? Properly controlling access to web content is crucial for running a secure web server. Directory traversal or Path Traversal is an HTTP attack that allows attackers to access restricted directories and execute commands outside of the web server’s root directory.
-
4. Directory Traversal: Examples, Testing, and Prevention - Bright …
Link: https://brightsec.com/blog/directory-traversal/
Description: WEBAug 23, 2021 · What Is Directory Traversal? Directory traversal, or path traversal, is an HTTP exploit. It exploits a security misconfiguration on a web server, to access data stored outside the server’s root directory. A successful directory traversal attempt enables attackers to view restricted files and sometimes also execute commands on the targeted …
-
5. What is a Directory Traversal Attack? - TechTarget
Link: https://www.techtarget.com/searchsecurity/definition/directory-traversal
Description: WEBDirectory traversal is a type of HTTP exploit in which a hacker uses the software on a web server to access data in a directory other than the server's root directory. If the attempt is successful, the threat actor can view restricted files or execute commands on the server.
-
6. Directory traversal explained: Definition, examples and prevention
Link: https://www.csoonline.com/article/567817/directory-traversal-explained-definition-examples-and-prevention.html
Description: WEBOct 7, 2019 · What is directory traversal? In a directory traversal attack, also known as path traversal, an attacker enters information in a web form, URL address line, or another input method that gives...
-
7. What is Directory Traversal | Risks, Examples & Prevention
Link: https://www.imperva.com/learn/application-security/directory-traversal/
Description: WEBFeb 19, 2024 · Directory traversal, also known as path traversal or directory climbing, is a vulnerability in a web application server caused by a HTTP exploit. The exploit allows an attacker to access restricted directories, execute commands, and view data outside of the web root folder where application content is stored.
-
8. What is directory traversal? | Tutorial & examples | Snyk Learn
Link: https://learn.snyk.io/lesson/directory-traversal/
Description: WEBIn this lesson, you will learn how directory traversal works and how to mitigate it in your application. You will first use a directory traversal attack to hack a vulnerable web server. We will then explain directory traversal by showing you the backend code of that vulnerable server.
-
9. What is directory traversal? | Fastly
Link: https://www.fastly.com/learning/what-is-directory-traversal
Description: WEBDirectory traversal, also known as “path traversal” (and identified with CWE-22 ), is a web application vulnerability that enables attackers to access unintended files on an underlying filesystem.
-
10. Directory traversal attack - Wikipedia
Link: https://en.wikipedia.org/wiki/Directory_traversal_attack
Description: WEBA directory traversal (or path traversal) attack exploits insufficient security validation or sanitization of user-supplied file names, such that characters representing "traverse to parent directory" are passed through to the operating system's file system API.
