logo

CWE-541 - Inclusion of Sensitive Information in an Include File

  • Abstraction:Variant
  • Structure:Simple
  • Status:Incomplete
  • Release Date:2006-07-19
  • Latest Modification Date:2023-06-29

Weakness Name

Inclusion of Sensitive Information in an Include File

Description

If an include file source is accessible, the file can contain usernames and passwords, as well as sensitive information pertaining to the application and system.

Common Consequences

Scope: Confidentiality

Impact: Read Application Data

Related Weaknesses

CWE-540Inclusion of Sensitive Information in Source Code

Related Alerts

Properties File Disclosure - /WEB-INF folderHigh

Source Code Disclosure - Git High

Source Code Disclosure - /WEB-INF FolderHigh

Source Code Disclosure - SVNMedium

Source Code Disclosure - File InclusionHigh