Check vulnerability for sequences stripped with superfluous URL-decode
GET {{base_url}}
This request checks if the API allows an attacker to access files present on the server by passing a file path with various non-standard encodings, such as ..%c0%af
or ..%252f
, to bypass the input filter.
HEADERS
Key | Datatype | Required | Description |
---|---|---|---|
{{access_token_key}} | string |