The software uses external input to construct a pathname that
					should be within a restricted directory, but it does not properly neutralize
					multiple internal "../" sequences that can resolve to a location that is outside
					of that directory.This allows attackers to traverse the file system to access files or
						directories that are outside of the restricted directory.The 'directory/../../filename' manipulation is useful for bypassing some
						path traversal protection schemes. Sometimes a program only removes one
						"../" sequence, so multiple "../" can bypass that check. Alternately, this
						manipulation could be used to bypass a check for "../" at the beginning of
						the pathname, moving up more than one directory level.