We covered directory traversal vulnerability to solve Challenge 007 in OWASP Hackademic free lab.
Directory traversal is another name for path traversal. An attacker can read any file on the server that the program is executing on thanks to these vulnerabilities.
An attacker may occasionally be able to write to any file on the server, which would give them the ability to alter application behavior or data and eventually seize total control of the machine.
Numerous programs that incorporate user input into file paths have anti-path traversal measures in place. These can often be bypassed.
Several methods may be available to get around the defense if a program removes or prevents directory traversal sequences from the user-supplied filename.
The Complete Practical Web Application Penetration Testing Course
Video Walkthrough