CWE-38
Path Traversal: 'absolutepathnamehere'
The product accepts input in the form of a backslash absolute path ('absolutepathnamehere') without appropriate validation, which can allow an attacker to traverse the file system to unintended locations or access arbitrary files.
Official CWE-38 definition at MITREImpactr finds and proves weaknesses like CWE-38 in your web apps and APIs - investigating, chaining, and validating each with a reproducible exploit.
Join the waitlist