Path Traversal (Directory Traversal)
Definition
Path traversal attacks exploit insufficient validation of file paths to access files outside the intended directory. By inserting sequences like `../` into file path parameters, attackers can read sensitive files such as `/etc/passwd`, application configuration files, or private keys.
Prevention requires canonicalizing paths before use and validating that the resolved path is within an allowed base directory.
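The following added example (not part of the original page) sketches that canonicalize-then-validate check in Python. The names `resolve_within` and `PathEscapeError`, the directory layout, and the sample requests are constructed for illustration, and a POSIX filesystem is assumed.

```python
import os
import tempfile


class PathEscapeError(ValueError):
    """Raised when a requested path resolves outside the base directory."""


def resolve_within(base_dir: str, user_path: str) -> str:
    """Canonicalize base_dir/user_path; return it only if it stays inside base_dir."""
    if "\x00" in user_path:
        raise PathEscapeError("NUL byte in path")
    base = os.path.realpath(base_dir)
    # os.path.join discards `base` when user_path is absolute, so absolute
    # input is judged by the containment check below, never trusted as-is.
    # realpath collapses ../ sequences and follows symlinks before we compare.
    candidate = os.path.realpath(os.path.join(base, user_path))
    # commonpath compares whole components, so a sibling such as
    # files-private is not mistaken for a child of files (a startswith bug).
    if os.path.commonpath([base, candidate]) != base:
        raise PathEscapeError(f"{user_path!r} resolves outside the base directory")
    return candidate


def demo() -> dict:
    """Classify constructed sample requests against a constructed directory tree."""
    requests = [
        "docs/report.txt",             # ordinary file under the base
        "docs/../docs/report.txt",     # ../ that still resolves inside the base
        "../files-private/key.pem",    # ../ into a sibling sharing the name prefix
        "/etc/passwd",                 # absolute path
        "link/key.pem",                # symlink inside the base pointing outside
    ]
    results = {}
    with tempfile.TemporaryDirectory() as root:
        base = os.path.join(root, "files")
        sibling = os.path.join(root, "files-private")
        os.makedirs(os.path.join(base, "docs"))
        os.makedirs(sibling)
        os.symlink(sibling, os.path.join(base, "link"))
        for req in requests:
            try:
                resolve_within(base, req)
                results[req] = "allowed"
            except PathEscapeError:
                results[req] = "rejected"
    return results


if __name__ == "__main__":
    for request, verdict in demo().items():
        print(f"{verdict:8} {request}")
```

The check is only sound if the file is then opened using the returned canonical path; a symlink swapped in between the check and the open is a separate race that this sketch does not address.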