CWE-541: Inclusion of Sensitive Information in an Include File
ID
CWE-541
Abstraction
Variant
Structure
Simple
Status
Incomplete
If an include file source is accessible, the file can contain usernames and passwords, as well as sensitive information pertaining to the application and system.
Modes of Introduction
Phase | Note |
---|---|
Implementation |
Loading...