1. Homepage
  2. RvR
  3. Application
  4. Attack Vectors

General Information

Path Manipulation

Variants:
Direct Persistent Session 

Also Known As:
Absoluste Path Traveral

Vector Type:
Attack

Relevance:
Generic

Layer:
Application-Level

Platforms:
Any

Target Type:
Application

Affected Mechanisms:
Input Validation, Secure Design

Invented In:
01/07/2008

Added In:
08/12/2014


Vector Operation Method:
Malicious inputs can affect file system access and enable attackers to override, upload, delete or manipulate the access to restricted content


Direct Variant:

Path Manipulation

Variant Title:
Path Manipulation

Typical Severity:
Major

Resources:

Wiki

CWE

CAPEC

Vulnerapedia

Other I

Other II

White Papers:

Learn More:


Persistent Variant:

Stored Path Manipulation

Also Known As:
Persistent Path Manipulation

Typical Severity:
Major

Resources:

White Papers:

Learn More:


Session Variant:

Path Manipulation via Session Puzzling

Also Known As:
Session Path Manipulation

Typical Severity:
Major

Resources:

White Papers:

Learn More:




TECAPI ©

Join