Path traversal (directory traversal) attacks allow attackers to access arbitrary files by manipulating input that is concatenated with a base directory. This paper examines a specific encoded payload, decodes it, explains how it works against vulnerable web parameters, and discusses detection and prevention.
Attackers use sequences like ../ to move up directories and access files outside the web root. -page-....-2F-2F....-2F-2F....-2F-2Fetc-2Fpasswd