CAPEC Related Weakness
Accessing Functionality Not Properly Constrained by ACLs
CWE-276Incorrect Default Permissions
CWE-285Improper Authorization
CWE-434Unrestricted Upload of File with Dangerous Type
CWE-693Protection Mechanism Failure
CWE-721OWASP Top Ten 2007 Category A10 - Failure to Restrict URL Access
CWE-732Incorrect Permission Assignment for Critical Resource
Directory Indexing
CWE-276Incorrect Default Permissions
CWE-285Improper Authorization
CWE-288Authentication Bypass Using an Alternate Path or Channel
CWE-424Improper Protection of Alternate Path
CWE-425Direct Request ('Forced Browsing')
CWE-693Protection Mechanism Failure
CWE-721OWASP Top Ten 2007 Category A10 - Failure to Restrict URL Access
CWE-732Incorrect Permission Assignment for Critical Resource
Web Logs Tampering
CWE-20Improper Input Validation
CWE-75Failure to Sanitize Special Elements into a Different Plane (Special Element Injection)
CWE-93Improper Neutralization of CRLF Sequences ('CRLF Injection')
CWE-96Improper Neutralization of Directives in Statically Saved Code ('Static Code Injection')
CWE-116Improper Encoding or Escaping of Output
CWE-117Improper Output Neutralization for Logs
CWE-150Improper Neutralization of Escape, Meta, or Control Sequences
CWE-221Information Loss or Omission
CWE-276Incorrect Default Permissions
CWE-279Incorrect Execution-Assigned Permissions
CWE-713OWASP Top Ten 2007 Category A2 - Injection Flaws
Back to Top