CWE-37
Path Traversal: '/absolute/pathname/here'
The product accepts input in the form of a slash absolute path ('/absolute/pathname/here') without appropriate validation, which can allow an attacker to traverse the file system to unintended locations or access arbitrary files.
Official CWE-37 definition at MITREImpactr finds and proves weaknesses like CWE-37 in your web apps and APIs - investigating, chaining, and validating each with a reproducible exploit.
Join the waitlist