CAPEC Related Weakness
Symlink Attack
CWE-59 Improper Link Resolution Before File Access ('Link Following')
Using Malicious Files
CWE-59 Improper Link Resolution Before File Access ('Link Following')
CWE-270 Privilege Context Switching Error
CWE-272 Least Privilege Violation
CWE-282 Improper Ownership Management
CWE-285 Improper Authorization
CWE-693 Protection Mechanism Failure
CWE-732 Incorrect Permission Assignment for Critical Resource
Leverage Executable Code in Non-Executable Files
CWE-59 Improper Link Resolution Before File Access ('Link Following')
CWE-94 Improper Control of Generation of Code ('Code Injection')
CWE-95 Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection')
CWE-96 Improper Neutralization of Directives in Statically Saved Code ('Static Code Injection')
CWE-97 Improper Neutralization of Server-Side Includes (SSI) Within a Web Page
CWE-270 Privilege Context Switching Error
CWE-272 Least Privilege Violation
CWE-282 Improper Ownership Management
Manipulating Web Input to File System Calls
CWE-15 External Control of System or Configuration Setting
CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CWE-23 Relative Path Traversal
CWE-59 Improper Link Resolution Before File Access ('Link Following')
CWE-73 External Control of File Name or Path
CWE-74 Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
CWE-77 Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE-272 Least Privilege Violation
CWE-285 Improper Authorization
CWE-346 Origin Validation Error
CWE-348 Use of Less Trusted Source