logo

CWE-541 - Inclusion of Sensitive Information in an Include File

CWE-541

  • Abstraction:
  • Variant
  • Structure:
  • Simple
  • Status:
  • Incomplete
Weakness Name

Inclusion of Sensitive Information in an Include File

Description

If an include file source is accessible, the file can contain usernames and passwords, as well as sensitive information pertaining to the application and system.

Common Consequences

Scope: Confidentiality

Impact: Read Application Data

Related Weaknesses
Related Alerts
  • Release Date:
  • 2006-07-19
  • Latest Modification Date:
  • 2023-06-29

Free security scan for your website