| Manipulating User-Controlled Variables |
| CWE-15 | External Control of System or Configuration Setting |
| CWE-94 | Improper Control of Generation of Code ('Code Injection') |
| CWE-96 | Improper Neutralization of Directives in Statically Saved Code ('Static Code Injection') |
| CWE-285 | Improper Authorization |
| CWE-302 | Authentication Bypass by Assumed-Immutable Data |
| CWE-473 | PHP External Variable Modification |
|
