Directory traversal vulnerabilities allow attackers
to access arbitrary files on your system. They tend to occur in older
technology stacks, which map URLs too literally to directories on disk.
If an attacker discovers a directory traversal vulnerability, it is only a matter
of time before they compromise your system. An experienced attacker will have
seen a similar technology stack, and will have a playbook of things to try next.
If your site is indexed on Google, and you have URLs that pass file names
in the query string, you are likely advertising a potential vulnerability
to attackers. Hackers often use search engines to locate likely targets,
and will search for tell-tale URLs. Try searching Google for
site:<yourdomain.com> inurl:file= to see if any results get returned!