CWE-54
Path Equivalence: 'filedir' (Trailing Backslash)
The product accepts path input in the form of trailing backslash ('filedir') without appropriate validation, which can lead to ambiguous path resolution and allow an attacker to traverse the file system to unintended locations or access arbitrary files.
Official CWE-54 definition at MITREImpactr finds and proves weaknesses like CWE-54 in your web apps and APIs - investigating, chaining, and validating each with a reproducible exploit.
Join the waitlist