This page discusses CWE 98, focusing on the improper control of the filename for include/require statements in PHP programs, leading to potential security vulnerabilities.

CWE-714: Weaknesses in OWASP Top Ten (2007)

CWE-727: Vulnerabilities related to OWASP Top Ten 2004 Category

CWE-802: Risky Resource Management vulnerabilities

CWE-1347: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

CWE-1416: Incorrect Initialization of Resource

Learn about CWE 98: Improper Control of Filename for Include/Require Statement in PHP. Understand the vulnerabilities and risks associated with improper filename control in PHP programs.

CWE-98: Improper Control of Filename for Include/Require Statement in PHP Program

Is your System Free of Underlying Vulnerabilities?
Find Out Now

CWE-98: Improper Control of Filename for Include/Require Statement in PHP Program

Is your System Free of Underlying Vulnerabilities? Find Out Now

Is your System Free of Underlying Vulnerabilities?
Find Out Now