Web Vulnerability Measures for SMEs

Yeng, Prosper; Yang, Bian; Solvoll, Terje; Nimbe, Peter; Weyori, Benjamin Asubam
Journal article, Peer reviewed
Published version
Thumbnail
View/Open
URI
http://hdl.handle.net/11250/2639523
Date
2019
Metadata
Show full item record
Collections
Original version
Norsk Informasjonssikkerhetskonferanse (NISK). 2019, 12 (2019), 1-16.  
Abstract
An investigation was conducted into web vulnerabilities in commonly used web application templates and frameworks (WAFs) systems such as Joomla, WordPress, Moodle and C #.Net framework. A web vulnerability scoring scheme was developed and used to record metrics of the vulnerabilities associated with the web application templates and frameworks. A custom web application was also developed purported to demonstrate how the vulnerabilities could be shielded in web application frameworks (WAFs). The investigations and implementations were guided by Open Web Application Security Project. The study found some of the most common vulnerabilities in the frameworks and templates at different levels. The choice of Content Management Systems (CMS) templates and WAFs for web application systems development can then be guided by this study.
Publisher
NIK: Norsk Informatikkonferanse
Journal
Norsk Informasjonssikkerhetskonferanse (NISK)