05 Web Application Security Vulnerabilities | Our Safety Is In Our Hands!

Share on facebook
Share on twitter
Share on linkedin
Share on email
Share on whatsapp
Quick Bite: Insecure Cryptographic Storage, Security Misconfiguration, Insecure Direct Object References, SQL Injection, Cross Site Scripting.

Vulnerabilities in software and applications are not entirely new things. They are flaws in the applications that can be exploited for malpractices. These vulnerabilities rise from various issues like weak passwords, bugs, viruses etc. The important thing is to fix these problems before any relevant damage is made.

 

Some of the known security vulnerabilities are…

Insecure Cryptographic Storage: This vulnerability arises when important data is not stored securely. The type of data may vary based on the type of the application. Some common sensitive data include credit card details, personal information etc. It may be exploited by lack of proper security and encryption. This may lead to identity theft, credit card theft etc.

Security Misconfiguration: The flaws in security go beyond just storage. If the frontiers like framework, server etc are exploited then not only is the data in danger but also the complete system. The information obtained about the system may be misconfigured to mess up the system. On the other hand the system data may also be used to gather information for further future attacks.

Insecure Direct Object References: If the link to any internal implementation of an application is exposed then it may be used to gain access to internal data. It is important to keep in mind to not to share reference links of internal data unless absolutely necessary. Moreover it is important to take such steps with full precaution.

SQL Injection: In this vulnerability use of the input data by the user is used for exploitation. Thos happens when user input is sent as a command and instead of the intended data some malicious command is made to execute. This leads to the altering of the back-end SQL statements. This can inject harmful data in the back-end fields.

Cross Site Scripting: This vulnerability is intended to attack the users of the web applications. This is done by injecting code on the client side script. This allows the attacker to manipulate scripts of the web application. Attackers can execute malicious scripts in victim’s web browser. This can lead to messing up user sessions and being redirected to unsecured websites.

It is important to be aware of these vulnerabilities as a user as well as designer, developer etc. It is important to do regular checks and tests to stop their web applications and data from being exploited.