This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit

Difference between revisions of "Relative Path Traversal"

Jump to: navigation, search
(Related Threats)
Line 21: Line 21:
==Related Threats==
==Related Threats==
[[: Category: Information Disclosure]]
[[: Category: Information Disclosure]]
==Related Attacks==
==Related Attacks==

Revision as of 20:00, 16 August 2007

This is an Attack. To view all attacks, please see the Attack Category page.

This attack is a variant of Path Traversal and can be exploited when the application accepts the use of relative traversal sequences such as "../".

More detailed information can be found on Path_Traversal


The following URLs are vulnerable to this attack:  

A simple way to execute this attack is like this: dir/some file 

Related Threats

Category: Information Disclosure

Related Attacks

Related Vulnerabilities

Category:Input Validation Vulnerability

Related Countermeasures

Category:Input Validation


This article is a stub. You can help OWASP by expanding it or discussing it on its Talk page.Category: Resource Manipulation