CWE-534 – DEPRECATED: Information Exposure Through Debug Log Files
Description This entry has been deprecated because its abstraction was too low-level. See CWE-532. Modes of Introduction: Related Weaknesses Consequences Potential...
CWE-538 – Insertion of Sensitive Information into Externally-Accessible File or Directory
Description The product places sensitive information into files or directories that are accessible to actors who are allowed to have access to the files, but...
CWE-539 – Use of Persistent Cookies Containing Sensitive Information
Description The web application uses persistent cookies, but the cookies contain sensitive information. Cookies are small bits of data that are sent by the web...
CWE-54 – Path Equivalence: ‘filedir’ (Trailing Backslash)
Description A software system that accepts path input in the form of trailing backslash ('filedir') without appropriate validation can lead to ambiguous path resolution and...
CWE-540 – Inclusion of Sensitive Information in Source Code
Description Source code on a web server or repository often contains sensitive information and should generally not be accessible to users. There are situations where...
CWE-541 – Inclusion of Sensitive Information in an Include File
Description If an include file source is accessible, the file can contain usernames and passwords, as well as sensitive information pertaining to the application and...
CWE-542 – DEPRECATED: Information Exposure Through Cleanup Log Files
Description This entry has been deprecated because its abstraction was too low-level. See CWE-532. Modes of Introduction: Related Weaknesses Consequences Potential...