While testing a web application in development, you notice that the web server does not properly ignore the “dot dot sla
Posted: Thu Apr 06, 2023 1:21 pm
While testing a web application in development, you notice that the web server does not properly ignore the “dot dot slash” (../) character string and instead returns the file listing of a folder higher up in the folder structure of the server.
What kind of attack is possible in this scenario?
A. Cross-site scripting
B. SQL injection
C. Denial of service
D. Directory traversal
What kind of attack is possible in this scenario?
A. Cross-site scripting
B. SQL injection
C. Denial of service
D. Directory traversal