PowerWAF Attacks Encyclopedia
File & Path Attacks
7 documented attacks in this category. Understand the threats, learn detection techniques, and implement effective defenses.
Directory Traversal Attack
A directory traversal attack exploits insufficient validation of user-supplied file paths to break out of the intended d...
Learn more →Local File Inclusion (LFI)
Local File Inclusion (LFI) is a vulnerability that allows an attacker to include and read — or in some cases execute — f...
Learn more →Malicious File Upload Attack
A malicious file upload attack exploits web applications that accept file uploads without properly validating the file's...
Learn more →Path Traversal Attack
A path traversal attack (also known as directory traversal or dot-dot-slash attack) exploits insufficient input validati...
Learn more →Remote File Inclusion (RFI)
Remote File Inclusion (RFI) is a vulnerability that allows an attacker to include and execute a file hosted on a remote ...
Learn more →XML External Entity (XXE) Attack
An XML External Entity (XXE) attack exploits vulnerable XML parsers that process external entity declarations within XML...
Learn more →Zip Bomb Attack
A zip bomb (also called a decompression bomb or zip of death) is a malicious archive file designed to crash or incapacit...
Learn more →