CWE-541 - Inclusion of Sensitive Information in an Include File

CWE ID:

CWE-541

Abstraction:Variant
Structure:Simple
Status:Incomplete

Release Date:2006-07-19
Latest Modification Date:2023-06-29

Weakness Name

Inclusion of Sensitive Information in an Include File

Description

If an include file source is accessible, the file can contain usernames and passwords, as well as sensitive information pertaining to the application and system.

Common Consequences

Scope: Confidentiality

Impact: Read Application Data

Related Weaknesses

CWE-540Inclusion of Sensitive Information in Source Code

Related Alerts

Source Code Disclosure - SVNMedium

Source Code Disclosure - Git High

Source Code Disclosure - File InclusionHigh

Properties File Disclosure - /WEB-INF folderHigh

Source Code Disclosure - /WEB-INF FolderHigh