
What Security Scanning of 396 Open Source Web Applications Says: Infographic

According to the latest report from NetSparker, since 2011 they have scanned 396 open source web applications with their automated web application vulnerability scanner. In that scanning they identified 269 issues and released 114 zero-day advisories. In these tests, only 30% of the open source web applications scanned had some sort of direct impact vulnerability.

Top vulnerabilities:
Out of the 269 vulnerabilities the Netsparker web vulnerability scanners identified:
180 were Cross-site Scripting vulnerabilities. These include reflected, stored, DOM-based XSS and XSS via RFI.

55 were SQL Injection vulnerabilities. These also include the Boolean and Blind (Time Based) SQL Injections.

16 were File Inclusion vulnerabilities, including both remote and local file inclusions.

The rest of the vulnerability types are CSRF, Remote Command Execution, Command Injection, Open Redirection, HTTP Header Injection (web server software issue) and Frame injection.

Infographic about Report
Again XSS and SQLi are on top
Cross-site scripting vulnerabilities amount to 67% of all the identified vulnerabilities. SQL Injection vulnerabilities amount to 20% of the vulnerabilities. Together, these two vulnerability types amount to 87% of all the identified vulnerabilities.

Cross-site scripting and SQL Injection vulnerabilities have been included in the OWASP Top 10 since the project started, mainly because they are very easy to find and also very easy to exploit. And yet, even after years of raising awareness about these vulnerabilities, the majority of the web applications we use are vulnerable to these types of vulnerabilities.
