The directory traversal exploit is a type of attack that occurs when user-supplied input file names aren’t properly validated or sanitized from a security perspective. Thus, characters representing “traverse to parent directory” are allowed to pass through to the file APIs.
Read full news article on SecurityWeek