CWE-541 - Inclusion of Sensitive Information in an Include File

CWE-541

Abstraction:
Variant

Structure:
Simple

Status:
Incomplete

Weakness Name: Inclusion of Sensitive Information in an Include File

Description: If an include file source is accessible, the file can contain usernames and passwords, as well as sensitive information pertaining to the application and system.

Common Consequences: Scope: Confidentiality
Impact: Read Application Data

Related Weaknesses: CWE-540Inclusion of Sensitive Information in Source Code

Related Alerts

Source Code Disclosure - SVNMedium

Source Code Disclosure - File InclusionHigh

Source Code Disclosure - /WEB-INF FolderHigh

Source Code Disclosure - Git High

Properties File Disclosure - /WEB-INF folderHigh

Release Date:
2006-07-19

Latest Modification Date:
2023-06-29

Free security scan for your website

Don't show website scan report rating on the leaderboard