Quantifying vulnerabilities: A systematic review of the state-of-the-art Web-Based Systems
Date
2024
Publisher
University of Dar es Salaam
Abstract
Web-based Systems Vulnerabilities (WSVs) have existed for a long time in all Open Systems Interconnection (OSI) layers. WSVs tend to affect online business operations by allowing attackers to gain unauthorized access. Different researchers have been publishing common WSVs regularly. From the published vulnerabilities, it can be noted that the ranking of vulnerabilities is not static: the prevalence of common vulnerabilities tends to vary with time. Moreover, rankings of vulnerabilities from various practitioners, such as OWASP and CWE, at a particular point in time tend to differ because of different approaches and sources. This work sought to come up with an objective way of establishing the latest ranking of common WSVs by conducting a Systematic Literature Review of scholarly sources. This study extracted 127 publications from scholarly databases: Association for Computing Machinery, ScienceDirect, Springer, IEEE, and Google Scholar. After the review, only 62 articles were considered, based on five inclusion and exclusion criteria. The review reveals that cross-site scripting, Structured Query Language injection, broken authentication and session management, operating system command injection, and file inclusion are the most common WSVs.
Description
Full-text is also available at https://doi.org/10.56279/jicts.v2i1.51
Keywords
Web-based Systems Vulnerabilities, Open System Interconnection, Business operations, Vulnerabilities
Citation
Masue, W. G., Ngondya, D., & Kondo, T. S. (2024). Quantifying Vulnerabilities: A Systematic Review of the State-of-the-Art Web-Based Systems. Journal of ICT Systems, 2(1), 72-86.