2014
DOI: 10.5120/18877-0144

Web Application Vulnerabilities: A Survey

Abstract: In the last few years, the discovery of World Wide Web (WWW) has grown very much. Today, WWW applications are routinely utilized in security-critical environments, like e-commerce, medical, financial, and military systems etc. WWW systems are an organization of infrastructure elements, like web databases and servers, and application-specific code, such as HTML scripts and CGI programs etc. While the core elements are usually developed by knowledgeable programmers with valid security skills this ensuing vulnerab…

Citations: Cited by 6 publications (2 citation statements)
References: References 24 publications
“…According to OWASP 2017 [1], vulnerabilities in web applications can be categorized into injection, sensitive data exposure, broken authentication, broken access control, XML external entities, security misconfiguration, and XSS. Web application vulnerabilities have also been classified into three high-level categories: input validation (IPV) vulnerability, session management (SM) vulnerability, and application logic (AL) vulnerability [3,4,37]. To detect vulnerabilities, many approaches, e.g., static code analysis [2,11], taint analysis [12], white box [13], machine learning approaches [14], fuzz testing [10,17], penetration testing [18], and dynamic monitoring [19,24], have been proposed.…”
Section: Introduction
Citation type: mentioning
Confidence: 99%
“…[12] Vandana Dwivedi, Himanshu Yadav and Anurag Jain, in their paper have reviewed the foremost common existing SQL Injections related problems. [13] Authors have presented a systematic mapping study in order to present the current status of the field, possible gaps and directions for future research. [14] Authors in their paper have overviewed the most critical Web Application vulnerabilities and its fundamental and mitigating solutions, and also presented the common website and web application hacking tools.…”
Section: Related Work
Citation type: mentioning
Confidence: 99%