Vulnerability Testing and Analysis on Websites and Web-Based Applications in the XYZ Faculty Environment Using Acunetix Vulnerability
The internet's continuous evolution has profoundly impacted society through the advancement of website technology and applications, reshaping contemporary ways of life. These digital platforms offer unrestricted information access, overcoming spatial and temporal limitations. In the re...
Saved in:
| Main Authors: | , , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
Andalas University
2024-12-01
|
| Series: | JITCE (Journal of Information Technology and Computer Engineering) |
| Subjects: | |
| Online Access: | http://10.250.30.20/index.php/JITCE/article/view/222 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| _version_ | 1823864556118605824 |
|---|---|
| author | Mifthahul Rahmi Yuhandri Yunus Sumijan Sumijan |
| author_facet | Mifthahul Rahmi Yuhandri Yunus Sumijan Sumijan |
| author_sort | Mifthahul Rahmi |
| collection | DOAJ |
| description |
The internet's continuous evolution has profoundly impacted society through the advancement of website technology and applications, reshaping contemporary ways of life. These digital platforms offer unrestricted information access, overcoming spatial and temporal limitations. In the realm of software development, Vulnerability Assessment is essential for producing high-quality products, as seemingly minor errors can create dangerous vulnerabilities that malicious actors may exploit to pilfer information from websites or applications. This study examines the security level of the Integrated website and application within the Faculty of Medicine, Universitas Andalas (Fakultas XYZ) environment, utilizing the Acunetix Web Vulnerability Scanner tool. The initial scan revealed a threat level of 3 (high) for the Fakultas XYZ website and level 2 (medium) for the Integrated application. Following a recapitulation process, several web alerts were identified for optimization, including Cross-Site Scripting (XSS), Blind SQL Injection, Application error message, HTML form without CSRF protection, Development configuration file, Directory listing, Error message on page, and User credentials sent in clear text. The optimization process involved source code review and enhancement to improve website features. A subsequent scan post-optimization demonstrated a reduction in threat levels for both the website and the UNAND FK Symphony application, with both achieving threat level 1 (low).
|
| format | Article |
| id | doaj-art-16f857acd0d743a6b2d2088259deaf94 |
| institution | Kabale University |
| issn | 2599-1663 |
| language | English |
| publishDate | 2024-12-01 |
| publisher | Andalas University |
| record_format | Article |
| series | JITCE (Journal of Information Technology and Computer Engineering) |
| spelling | doaj-art-16f857acd0d743a6b2d2088259deaf942025-02-08T21:25:54ZengAndalas UniversityJITCE (Journal of Information Technology and Computer Engineering)2599-16632024-12-018210.25077/jitce.8.2.83-96.2024Vulnerability Testing and Analysis on Websites and Web-Based Applications in the XYZ Faculty Environment Using Acunetix VulnerabilityMifthahul Rahmi0Yuhandri Yunus1Sumijan Sumijan2Universitas Putra Indonesia (UPI) YPTKUniversitas Putra Indonesia (UPI) YPTKUniversitas Putra Indonesia (UPI) YPTK The internet's continuous evolution has profoundly impacted society through the advancement of website technology and applications, reshaping contemporary ways of life. These digital platforms offer unrestricted information access, overcoming spatial and temporal limitations. In the realm of software development, Vulnerability Assessment is essential for producing high-quality products, as seemingly minor errors can create dangerous vulnerabilities that malicious actors may exploit to pilfer information from websites or applications. This study examines the security level of the Integrated website and application within the Faculty of Medicine, Universitas Andalas (Fakultas XYZ) environment, utilizing the Acunetix Web Vulnerability Scanner tool. The initial scan revealed a threat level of 3 (high) for the Fakultas XYZ website and level 2 (medium) for the Integrated application. Following a recapitulation process, several web alerts were identified for optimization, including Cross-Site Scripting (XSS), Blind SQL Injection, Application error message, HTML form without CSRF protection, Development configuration file, Directory listing, Error message on page, and User credentials sent in clear text. The optimization process involved source code review and enhancement to improve website features. A subsequent scan post-optimization demonstrated a reduction in threat levels for both the website and the UNAND FK Symphony application, with both achieving threat level 1 (low). http://10.250.30.20/index.php/JITCE/article/view/222Vulnerability, Website, Application, FK UNAND, Acunetix Web Vulnerability Scanner |
| spellingShingle | Mifthahul Rahmi Yuhandri Yunus Sumijan Sumijan Vulnerability Testing and Analysis on Websites and Web-Based Applications in the XYZ Faculty Environment Using Acunetix Vulnerability JITCE (Journal of Information Technology and Computer Engineering) Vulnerability, Website, Application, FK UNAND, Acunetix Web Vulnerability Scanner |
| title | Vulnerability Testing and Analysis on Websites and Web-Based Applications in the XYZ Faculty Environment Using Acunetix Vulnerability |
| title_full | Vulnerability Testing and Analysis on Websites and Web-Based Applications in the XYZ Faculty Environment Using Acunetix Vulnerability |
| title_fullStr | Vulnerability Testing and Analysis on Websites and Web-Based Applications in the XYZ Faculty Environment Using Acunetix Vulnerability |
| title_full_unstemmed | Vulnerability Testing and Analysis on Websites and Web-Based Applications in the XYZ Faculty Environment Using Acunetix Vulnerability |
| title_short | Vulnerability Testing and Analysis on Websites and Web-Based Applications in the XYZ Faculty Environment Using Acunetix Vulnerability |
| title_sort | vulnerability testing and analysis on websites and web based applications in the xyz faculty environment using acunetix vulnerability |
| topic | Vulnerability, Website, Application, FK UNAND, Acunetix Web Vulnerability Scanner |
| url | http://10.250.30.20/index.php/JITCE/article/view/222 |
| work_keys_str_mv | AT mifthahulrahmi vulnerabilitytestingandanalysisonwebsitesandwebbasedapplicationsinthexyzfacultyenvironmentusingacunetixvulnerability AT yuhandriyunus vulnerabilitytestingandanalysisonwebsitesandwebbasedapplicationsinthexyzfacultyenvironmentusingacunetixvulnerability AT sumijansumijan vulnerabilitytestingandanalysisonwebsitesandwebbasedapplicationsinthexyzfacultyenvironmentusingacunetixvulnerability |