Which of the following attacks allows an attacker to access restricted directories, including application
source code, configuration and critical system files, and to execute commands outside of the web
server’s root directory?
A.
Unvalidated input
B.
Parameter/form tampering
C.
Directory traversal
D.
Security misconfiguration