CWE-47
Path Equivalence: ' filename' (Leading Space)
The product accepts path input in the form of leading space (' filedir') without appropriate validation, which can lead to ambiguous path resolution and allow an attacker to traverse the file system to unintended locations or access arbitrary files.
Official CWE-47 definition at MITREImpactr finds and proves weaknesses like CWE-47 in your web apps and APIs - investigating, chaining, and validating each with a reproducible exploit.
Join the waitlist