An intruder manipulates the URL which causes the web server to either execute a file or reveal the contents of a file which could be lying anywhere in the file system even out side the document root directory. What type of attack is this?