Path Traversal: '\absolute\pathname\here'
The product accepts input in the form of a backslash absolute path ('\absolute\pathname\here') without appropriate validation, which can allow an attacker to traverse the file system to unintended locations or access arbitrary files.
This category identifies Software Fault Patterns (SFPs) within the Path Traversal cluster (SFP16).
Weaknesses in this category are related to rules in the Input Output (FIO) section of the CERT C++ Secure Coding Standard. Since not all rules map to specific weakness...
This view (slice) covers all the elements in CWE.
This view (slice) lists weaknesses that can be introduced during implementation.