| CWE-59 | Improper Link Resolution Before File Access ('Link Following') |
| CWE-94 | Improper Control of Generation of Code ('Code Injection') |
| CWE-95 | Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection') |
| CWE-96 | Improper Neutralization of Directives in Statically Saved Code ('Static Code Injection') |
| CWE-97 | Improper Neutralization of Server-Side Includes (SSI) Within a Web Page |
| CWE-264 | Permissions, Privileges, and Access Controls |
| CWE-270 | Privilege Context Switching Error |
| CWE-272 | Least Privilege Violation |
| CWE-275 | Permission Issues |
| CWE-282 | Improper Ownership Management |
| CWE-714 | OWASP Top Ten 2007 Category A3 - Malicious File Execution |
