Path Traversal: '/absolute/pathname/here'
A software system that accepts input in the form of a slash absolute path ('/absolute/pathname/here') without appropriate validation can allow an attacker to traverse the file system to unintended locations or access arbitrary files.
This category identifies Software Fault Patterns (SFPs) within the Path Traversal cluster (SFP16).
Weaknesses in this category are related to rules in the Input Output (FIO) section of the CERT C++ Secure Coding Standard. Since not all rules map to specific weakness...
This view (slice) covers all the elements in CWE.
This view (slice) lists weaknesses that can be introduced during implementation.