CWE-15 | External Control of System or Configuration Setting |
CWE-22 | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') |
CWE-23 | Relative Path Traversal |
CWE-59 | Improper Link Resolution Before File Access ('Link Following') |
CWE-73 | External Control of File Name or Path |
CWE-74 | Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') |
CWE-77 | Improper Neutralization of Special Elements used in a Command ('Command Injection') |
CWE-264 | Permissions, Privileges, and Access Controls |
CWE-272 | Least Privilege Violation |
CWE-285 | Improper Authorization |
CWE-346 | Origin Validation Error |
CWE-348 | Use of Less Trusted Source |
CWE-715 | OWASP Top Ten 2007 Category A4 - Insecure Direct Object Reference |