CWE-541: Information Exposure Through Include Source Code
Information Exposure Through Include Source Code
Weakness ID: 541 (Weakness Variant)
Status: Incomplete
Description
Description Summary
If an include file source is accessible, the file can contain usernames and passwords, as well as sensitive information pertaining to the application and system.
Time of Introduction
Implementation
Common Consequences
Scope
Effect
Confidentiality
Technical Impact: Read application
data
Potential Mitigations
Do not store sensitive information in include files.