SYM_OCAML_0005 - SymbioticSec/Symbiotic-Vulnerability-Database GitHub Wiki
Path Traversal
| Property | Value |
|---|---|
| Language |  |
| Severity |  |
| CWE | CWE-35: Path Traversal |
| Confidence Level | Low |
| Impact Level | Medium |
| Likelihood Level | Medium |
Description
Using Filename.concat with data from users or external sources can allow attackers to craft file paths that access files or directories outside the intended location. This makes the application vulnerable to directory traversal attacks.
Impact
If exploited, an attacker could read, modify, or overwrite sensitive files on the server by manipulating file paths. This could lead to data breaches, unauthorized access, or disruption of critical application functionality.