CWE-59 | Improper Link Resolution Before File Access ('Link Following') |
CWE-94 | Improper Control of Generation of Code ('Code Injection') |
CWE-95 | Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection') |
CWE-96 | Improper Neutralization of Directives in Statically Saved Code ('Static Code Injection') |
CWE-97 | Improper Neutralization of Server-Side Includes (SSI) Within a Web Page |
CWE-264 | Permissions, Privileges, and Access Controls |
CWE-270 | Privilege Context Switching Error |
CWE-272 | Least Privilege Violation |
CWE-275 | Permission Issues |
CWE-282 | Improper Ownership Management |
CWE-714 | OWASP Top Ten 2007 Category A3 - Malicious File Execution |