Quantifying vulnerabilities: A systematic review of the state-of-the-art Web-Based Systems

dc.contributor.authorMasue, Wilbard G.
dc.contributor.authorNgondya, Daniel
dc.contributor.authorKondo, Tabu S
dc.date.accessioned2024-09-04T12:04:49Z
dc.date.available2024-09-04T12:04:49Z
dc.date.issued2024
dc.descriptionFull-text is also available at https://doi.org/10.56279/jicts.v2i1.51
dc.description.abstractWeb-based Systems Vulnerabilities (WSVs) have been existing over a long time in all Open System Interconnection (OSI) layers. WSV tends to affect online business operations by letting attackers to gain unauthorized access. Different researchers have been publishing common WSVs regularly. From the published vulnerabilities, it can be noted that the ranking of vulnerabilities is not static. Prevalence of common vulnerabilities tends to vary with time. Moreover, ranking of vulnerabilities from various practitioners, such as OWASP and CWE, at a particular point in time tends to be different because of different approaches and sources. This work sought to come up with an objective way of establishing the latest ranking of common WSV by conducting a Systematic Literature Review from scholarly sources. This study extracted 127 publications from Scholarly Databases: Association of Computing Machineries, ScienceDirect, Springer, IEEE, and Google scholar. After the review, only 62 articles were considered based on five inclusion and exclusion criteria. The review reveals that cross site script, structured query language injection, broken authentication and session management, operating system command injection and file inclusion are the most common WSV.
dc.identifier.citationMasue, W. G., Ngondya, D., & Kondo, T. S. (2024). Quantifying Vulnerabilities: A Systematic Review of the State-of-the-Art Web-Based Systems. Journal of ICT Systems, 2(1), 72-86.
dc.identifier.doi10.56279/jicts.v2i1.51
dc.identifier.otherDOI: https://doi.org/10.56279/jicts.v2i1.51
dc.identifier.urihttps://repository.udom.ac.tz/handle/20.500.12661/4930
dc.language.isoen
dc.publisherUniversity of Dar es Salaam
dc.relation.ispartofJournal of ICT Systems
dc.subjectWeb-based Systems Vulnerabilities
dc.subjectOpen System Interconnection
dc.subjectBusiness operations
dc.subjectVulnerabilities
dc.titleQuantifying vulnerabilities: A systematic review of the state-of-the-art Web-Based Systems
dc.typeArticle
oaire.citation.issue1
oaire.citation.volume2
Files
Original bundle
Now showing 1 - 1 of 1
Loading...
Thumbnail Image
Name:
Masue.pdf
Size:
95.62 KB
Format:
Adobe Portable Document Format
License bundle
Now showing 1 - 1 of 1
No Thumbnail Available
Name:
license.txt
Size:
1.71 KB
Format:
Item-specific license agreed upon to submission
Description:
Collections