CWE-533 – DEPRECATED: Information Exposure Through Server Log Files
Description This entry has been deprecated because its abstraction was too low-level. See CWE-532. Modes of Introduction: Related Weaknesses Consequences Potential...
CWE-534 – DEPRECATED: Information Exposure Through Debug Log Files
Description This entry has been deprecated because its abstraction was too low-level. See CWE-532. Modes of Introduction: Related Weaknesses Consequences Potential...
CWE-535 – Exposure of Information Through Shell Error Message
Description A command shell error message indicates that there exists an unhandled exception in the web application code. In many cases, an attacker can leverage...
CWE-536 – Servlet Runtime Error Message Containing Sensitive Information
Description A servlet error message indicates that there exists an unhandled exception in your web application code and may provide useful information to an attacker....
CWE-537 – Java Runtime Error Message Containing Sensitive Information
Description In many cases, an attacker can leverage the conditions that cause unhandled exception errors in order to gain unauthorized access to the system. Modes...
CWE-538 – Insertion of Sensitive Information into Externally-Accessible File or Directory
Description The product places sensitive information into files or directories that are accessible to actors who are allowed to have access to the files, but...
CWE-539 – Use of Persistent Cookies Containing Sensitive Information
Description The web application uses persistent cookies, but the cookies contain sensitive information. Cookies are small bits of data that are sent by the web...
CWE-54 – Path Equivalence: ‘filedir’ (Trailing Backslash)
Description A software system that accepts path input in the form of trailing backslash ('filedir') without appropriate validation can lead to ambiguous path resolution and...
CWE-540 – Inclusion of Sensitive Information in Source Code
Description Source code on a web server or repository often contains sensitive information and should generally not be accessible to users. There are situations where...
CWE-541 – Inclusion of Sensitive Information in an Include File
Description If an include file source is accessible, the file can contain usernames and passwords, as well as sensitive information pertaining to the application and...