Description

This script is possibly vulnerable to directory traversal attacks.

Directory Traversal is a vulnerability which allows attackers to access restricted directories and read files outside of the web server's root directory.

Remediation

Your script should filter metacharacters from user input.

References

Acunetix Directory Traversal Attacks

Related Vulnerabilities

WordPress Plugin Ajax Store Locator Directory Traversal (1.2.0)

WordPress Plugin Two Way CHAT-Send or receive messages to your user Multiple Vulnerabilities (3.1.4)

WordPress Plugin WP Fastest Cache Directory Traversal (0.9.1.6)

WordPress Plugin WP Publication Archive 'file' Parameter Directory Traversal (2.3)

WordPress Plugin SEO Tools 'file' Parameter Directory Traversal (3.1.7)

Severity

High

Classification

CWE-22 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Tags

Directory Traversal