CAPEC Related Weakness
Directory Indexing
CWE-276 Incorrect Default Permissions
CWE-285 Improper Authorization
CWE-288 Authentication Bypass Using an Alternate Path or Channel
CWE-424 Improper Protection of Alternate Path
CWE-425 Direct Request ('Forced Browsing')
CWE-693 Protection Mechanism Failure
CWE-721 OWASP Top Ten 2007 Category A10 - Failure to Restrict URL Access
CWE-732 Incorrect Permission Assignment for Critical Resource