Cookies are often used for authentication and a lot of other stuff.The "inc" php header files often include the exact syntax of the cookies. An attacker may create his own cookie with the information he has taken from the header file and start cookie poisining.