CAPEC Related Weakness
Manipulating Web Input to File System Calls
CWE-15External Control of System or Configuration Setting
CWE-22Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CWE-23Relative Path Traversal
CWE-59Improper Link Resolution Before File Access ('Link Following')
CWE-73External Control of File Name or Path
CWE-74Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
CWE-77Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE-264Permissions, Privileges, and Access Controls
CWE-272Least Privilege Violation
CWE-285Improper Authorization
CWE-346Origin Validation Error
CWE-348Use of Less Trusted Source
CWE-715OWASP Top Ten 2007 Category A4 - Insecure Direct Object Reference
Leverage Executable Code in Non-Executable Files
CWE-59Improper Link Resolution Before File Access ('Link Following')
CWE-94Improper Control of Generation of Code ('Code Injection')
CWE-95Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection')
CWE-96Improper Neutralization of Directives in Statically Saved Code ('Static Code Injection')
CWE-97Improper Neutralization of Server-Side Includes (SSI) Within a Web Page
CWE-264Permissions, Privileges, and Access Controls
CWE-270Privilege Context Switching Error
CWE-272Least Privilege Violation
CWE-275Permission Issues
CWE-282Improper Ownership Management
CWE-714OWASP Top Ten 2007 Category A3 - Malicious File Execution
Using Malicious Files
CWE-59Improper Link Resolution Before File Access ('Link Following')
CWE-264Permissions, Privileges, and Access Controls
CWE-270Privilege Context Switching Error
CWE-272Least Privilege Violation
CWE-275Permission Issues
CWE-282Improper Ownership Management
CWE-285Improper Authorization
CWE-693Protection Mechanism Failure
CWE-732Incorrect Permission Assignment for Critical Resource
Target Programs with Elevated Privileges
CWE-15External Control of System or Configuration Setting
CWE-250Execution with Unnecessary Privileges
CWE-264Permissions, Privileges, and Access Controls
Restful Privilege Elevation
CWE-264Permissions, Privileges, and Access Controls
CWE-267Privilege Defined With Unsafe Actions
CWE-269Improper Privilege Management
Back to Top