
What is path traversal, and how to prevent it? - PortSwigger
Path traversal is also known as directory traversal. These vulnerabilities enable an attacker to read arbitrary files on the server that is running an application.
Testing for directory traversal vulnerabilities with Burp Suite
Dec 16, 2025 · Directory traversal vulnerabilities (also known as file path vulnerabilities) allow an attacker to read arbitrary files on the server that is running an application.
File path traversal - PortSwigger
File path traversal (also known as directory traversal) is a vulnerability that allows attackers to read the contents of files to which they should not have access.
Path traversal - PortSwigger
This learning path covers path traversal vulnerabilities. You'll learn how to carry out path traversal attacks and circumvent common obstacles. You'll also learn how to prevent path …
Using Burp to Test for Path Traversal Vulnerabilities
Many types of functionality commonly found in web applications involve processing user-supplied input as a file or directory name. If the user-supplied input is improperly validated, this …
Fuzzing for vulnerabilities - PortSwigger
Dec 16, 2025 · You can use Burp Intruder to identify input-based vulnerabilities by analyzing the attack results …
Lab: File path traversal, simple case | Web Security Academy
This lab contains a path traversal vulnerability in the display of product images. To solve the lab, retrieve the contents of the /etc/passwd file.
What is Web Vulnerability Scanning? A Guide from PortSwigger
Some path traversal vulnerabilities can be detected by submitting a traversal sequence targeting a known file, and searching the response for the appearance of this file.
NGINX Alias Traversal - PortSwigger
To eliminate false positives the misconfiguration has to be confirmed by successfully requesting an existing resource via path traversal. This is done as follows:
Lab: Web shell upload via path traversal - PortSwigger
This indicates that the file was uploaded to a higher directory in the filesystem hierarchy (/files), and subsequently executed by the server. Note that this means you can also request this file …