CAPEC Related Weakness
PHP Remote File Inclusion
CWE-80 Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)
CWE-98 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion')
CWE-714 OWASP Top Ten 2007 Category A3 - Malicious File Execution
Leverage Executable Code in Non-Executable Files
CWE-59 Improper Link Resolution Before File Access ('Link Following')
CWE-94 Improper Control of Generation of Code ('Code Injection')
CWE-95 Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection')
CWE-96 Improper Neutralization of Directives in Statically Saved Code ('Static Code Injection')
CWE-97 Improper Neutralization of Server-Side Includes (SSI) Within a Web Page
CWE-264 Permissions, Privileges, and Access Controls
CWE-270 Privilege Context Switching Error
CWE-272 Least Privilege Violation
CWE-275 Permission Issues
CWE-282 Improper Ownership Management
CWE-714 OWASP Top Ten 2007 Category A3 - Malicious File Execution