Quantifying Vulnerabilities: A Systematic Review of the State-of-the-Art Web-Based Systems
Date
2024
Publisher
University of Dar es Salaam
Abstract
Web-based Systems Vulnerabilities (WSVs) have existed for a long time in all Open System Interconnection (OSI) layers. WSVs tend to affect online business operations by allowing attackers to gain unauthorized access. Different researchers have been publishing common WSVs regularly. From the published vulnerabilities, it can be noted that the ranking of vulnerabilities is not static: the prevalence of common vulnerabilities tends to vary with time. Moreover, rankings of vulnerabilities from various practitioners, such as OWASP and CWE, at a particular point in time tend to differ because of different approaches and sources. This work sought to come up with an objective way of establishing the latest ranking of common WSVs by conducting a Systematic Literature Review of scholarly sources. This study extracted 127 publications from scholarly databases: Association for Computing Machinery, ScienceDirect, Springer, IEEE, and Google Scholar. After the review, only 62 articles were considered, based on five inclusion and exclusion criteria. The review reveals that cross-site scripting, Structured Query Language injection, broken authentication and session management, operating system command injection, and file inclusion are the most common WSVs.
Description
Full-text. Available at https://jicts.udsm.ac.tz/index.php/udsm/article/view/51.
Keywords
Common Web Vulnerabilities, Cyber Security, Systematic Literature Review, Web Vulnerability Ranking
Citation
Masue, W. G., Ngondya, D., & Kondo, T. S. (2024). Quantifying Vulnerabilities: A Systematic Review of the State-of-the-Art Web-Based Systems. Journal of ICT Systems, 2(1), 72-86.