{"id":"https://openalex.org/W3011001508","doi":"https://doi.org/10.1145/3377049.3377107","title":"Analyzing Web Application Vulnerabilities","display_name":"Analyzing Web Application Vulnerabilities","publication_year":2020,"publication_date":"2020-01-10","ids":{"openalex":"https://openalex.org/W3011001508","doi":"https://doi.org/10.1145/3377049.3377107","mag":"3011001508"},"language":"en","primary_location":{"id":"doi:10.1145/3377049.3377107","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3377049.3377107","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the International Conference on Computing Advancements","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5100674579","display_name":"Md. Abdur Rahman","orcid":"https://orcid.org/0000-0003-0407-3840"},"institutions":[{"id":"https://openalex.org/I205746353","display_name":"University of Dhaka","ror":"https://ror.org/05wv2vq37","country_code":"BD","type":"education","lineage":["https://openalex.org/I205746353"]}],"countries":["BD"],"is_corresponding":true,"raw_author_name":"Md. Abdur Rahman","raw_affiliation_strings":["Centre for Advanced Research in Sciences, University of Dhaka, Bangladesh"],"affiliations":[{"raw_affiliation_string":"Centre for Advanced Research in Sciences, University of Dhaka, Bangladesh","institution_ids":["https://openalex.org/I205746353"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5040280513","display_name":"Mahfida Amjad","orcid":null},"institutions":[{"id":"https://openalex.org/I205746353","display_name":"University of Dhaka","ror":"https://ror.org/05wv2vq37","country_code":"BD","type":"education","lineage":["https://openalex.org/I205746353"]}],"countries":["BD"],"is_corresponding":false,"raw_author_name":"Mahfida Amjad","raw_affiliation_strings":["Institute of Information Technology, University of Dhaka, Bangladesh"],"affiliations":[{"raw_affiliation_string":"Institute of Information Technology, University of Dhaka, Bangladesh","institution_ids":["https://openalex.org/I205746353"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5066104063","display_name":"Byezid Ahmed","orcid":null},"institutions":[{"id":"https://openalex.org/I205746353","display_name":"University of Dhaka","ror":"https://ror.org/05wv2vq37","country_code":"BD","type":"education","lineage":["https://openalex.org/I205746353"]}],"countries":["BD"],"is_corresponding":false,"raw_author_name":"Byezid Ahmed","raw_affiliation_strings":["Institute of Information Technology, University of Dhaka, Bangladesh"],"affiliations":[{"raw_affiliation_string":"Institute of Information Technology, University of Dhaka, Bangladesh","institution_ids":["https://openalex.org/I205746353"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5034529862","display_name":"Md. Saeed Siddik","orcid":"https://orcid.org/0000-0002-3863-2543"},"institutions":[{"id":"https://openalex.org/I205746353","display_name":"University of Dhaka","ror":"https://ror.org/05wv2vq37","country_code":"BD","type":"education","lineage":["https://openalex.org/I205746353"]}],"countries":["BD"],"is_corresponding":false,"raw_author_name":"Md. Saeed Siddik","raw_affiliation_strings":["Institute of Information Technology, University of Dhaka, Bangladesh"],"affiliations":[{"raw_affiliation_string":"Institute of Information Technology, University of Dhaka, Bangladesh","institution_ids":["https://openalex.org/I205746353"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":4,"corresponding_author_ids":["https://openalex.org/A5100674579"],"corresponding_institution_ids":["https://openalex.org/I205746353"],"apc_list":null,"apc_paid":null,"fwci":1.8684,"has_fulltext":false,"cited_by_count":10,"citation_normalized_percentile":{"value":0.88812859,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":89,"max":97},"biblio":{"volume":null,"issue":null,"first_page":"1","last_page":"6"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T12479","display_name":"Web Application Security Vulnerabilities","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T12479","display_name":"Web Application Security Vulnerabilities","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11644","display_name":"Spam and Phishing Detection","score":0.9936000108718872,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9926000237464905,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/cross-site-scripting","display_name":"Cross-site scripting","score":0.8646508455276489},{"id":"https://openalex.org/keywords/vulnerability","display_name":"Vulnerability (computing)","score":0.7337373495101929},{"id":"https://openalex.org/keywords/secure-coding","display_name":"Secure coding","score":0.7130838632583618},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.6838270425796509},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.6762178540229797},{"id":"https://openalex.org/keywords/web-application-security","display_name":"Web application security","score":0.6105071902275085},{"id":"https://openalex.org/keywords/scripting-language","display_name":"Scripting language","score":0.5893222093582153},{"id":"https://openalex.org/keywords/web-server","display_name":"Web server","score":0.5580059289932251},{"id":"https://openalex.org/keywords/vulnerability-assessment","display_name":"Vulnerability assessment","score":0.5481283664703369},{"id":"https://openalex.org/keywords/web-application","display_name":"Web application","score":0.5330917239189148},{"id":"https://openalex.org/keywords/web-service","display_name":"Web service","score":0.5155351161956787},{"id":"https://openalex.org/keywords/the-internet","display_name":"The Internet","score":0.512255847454071},{"id":"https://openalex.org/keywords/world-wide-web","display_name":"World Wide Web","score":0.4682425260543823},{"id":"https://openalex.org/keywords/vulnerability-management","display_name":"Vulnerability management","score":0.4484012722969055},{"id":"https://openalex.org/keywords/software","display_name":"Software","score":0.4305623471736908},{"id":"https://openalex.org/keywords/web-development","display_name":"Web development","score":0.3933493196964264},{"id":"https://openalex.org/keywords/software-security-assurance","display_name":"Software security assurance","score":0.3191547691822052},{"id":"https://openalex.org/keywords/information-security","display_name":"Information security","score":0.2962298095226288},{"id":"https://openalex.org/keywords/security-service","display_name":"Security service","score":0.20249095559120178}],"concepts":[{"id":"https://openalex.org/C39569185","wikidata":"https://www.wikidata.org/wiki/Q371199","display_name":"Cross-site scripting","level":5,"score":0.8646508455276489},{"id":"https://openalex.org/C95713431","wikidata":"https://www.wikidata.org/wiki/Q631425","display_name":"Vulnerability (computing)","level":2,"score":0.7337373495101929},{"id":"https://openalex.org/C22680326","wikidata":"https://www.wikidata.org/wiki/Q7444867","display_name":"Secure coding","level":5,"score":0.7130838632583618},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.6838270425796509},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.6762178540229797},{"id":"https://openalex.org/C59241245","wikidata":"https://www.wikidata.org/wiki/Q4781497","display_name":"Web application security","level":4,"score":0.6105071902275085},{"id":"https://openalex.org/C61423126","wikidata":"https://www.wikidata.org/wiki/Q187432","display_name":"Scripting language","level":2,"score":0.5893222093582153},{"id":"https://openalex.org/C11392498","wikidata":"https://www.wikidata.org/wiki/Q11288","display_name":"Web server","level":3,"score":0.5580059289932251},{"id":"https://openalex.org/C167063184","wikidata":"https://www.wikidata.org/wiki/Q1400839","display_name":"Vulnerability assessment","level":3,"score":0.5481283664703369},{"id":"https://openalex.org/C118643609","wikidata":"https://www.wikidata.org/wiki/Q189210","display_name":"Web application","level":2,"score":0.5330917239189148},{"id":"https://openalex.org/C35578498","wikidata":"https://www.wikidata.org/wiki/Q193424","display_name":"Web service","level":2,"score":0.5155351161956787},{"id":"https://openalex.org/C110875604","wikidata":"https://www.wikidata.org/wiki/Q75","display_name":"The Internet","level":2,"score":0.512255847454071},{"id":"https://openalex.org/C136764020","wikidata":"https://www.wikidata.org/wiki/Q466","display_name":"World Wide Web","level":1,"score":0.4682425260543823},{"id":"https://openalex.org/C172776598","wikidata":"https://www.wikidata.org/wiki/Q7943570","display_name":"Vulnerability management","level":4,"score":0.4484012722969055},{"id":"https://openalex.org/C2777904410","wikidata":"https://www.wikidata.org/wiki/Q7397","display_name":"Software","level":2,"score":0.4305623471736908},{"id":"https://openalex.org/C79373723","wikidata":"https://www.wikidata.org/wiki/Q386275","display_name":"Web development","level":3,"score":0.3933493196964264},{"id":"https://openalex.org/C62913178","wikidata":"https://www.wikidata.org/wiki/Q7554361","display_name":"Software security assurance","level":4,"score":0.3191547691822052},{"id":"https://openalex.org/C527648132","wikidata":"https://www.wikidata.org/wiki/Q189900","display_name":"Information security","level":2,"score":0.2962298095226288},{"id":"https://openalex.org/C29983905","wikidata":"https://www.wikidata.org/wiki/Q7445066","display_name":"Security service","level":3,"score":0.20249095559120178},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.0},{"id":"https://openalex.org/C137176749","wikidata":"https://www.wikidata.org/wiki/Q4105337","display_name":"Psychological resilience","level":2,"score":0.0},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.0},{"id":"https://openalex.org/C542102704","wikidata":"https://www.wikidata.org/wiki/Q183257","display_name":"Psychotherapist","level":1,"score":0.0},{"id":"https://openalex.org/C15744967","wikidata":"https://www.wikidata.org/wiki/Q9418","display_name":"Psychology","level":0,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/3377049.3377107","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3377049.3377107","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the International Conference on Computing Advancements","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[{"score":0.4099999964237213,"display_name":"Peace, Justice and strong institutions","id":"https://metadata.un.org/sdg/16"}],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":5,"referenced_works":["https://openalex.org/W1977206554","https://openalex.org/W2072978486","https://openalex.org/W2085168597","https://openalex.org/W2144220405","https://openalex.org/W2506735292"],"related_works":["https://openalex.org/W2383958993","https://openalex.org/W1668723973","https://openalex.org/W3043810321","https://openalex.org/W2553301301","https://openalex.org/W2560421591","https://openalex.org/W2892115998","https://openalex.org/W2537414278","https://openalex.org/W2796094063","https://openalex.org/W2123075981","https://openalex.org/W2067195038"],"abstract_inverted_index":{"Internet":[0],"based":[1,83,118],"application":[2,59,91,100],"services":[3],"become":[4],"the":[5,21,38,42,46,58,88,125],"essential":[6],"part":[7],"of":[8,19,72,81,127],"peoples'":[9],"daily":[10],"activities.":[11],"Web":[12],"applications":[13,85],"are":[14,26],"a":[15,32],"complex":[16],"organized":[17],"mess":[18],"codes;":[20],"software":[22],"industry":[23],"often":[24,36],"they":[25],"built-in":[27],"extreme":[28],"pressure":[29],"to":[30,45,61,67,86,110,122],"meet":[31],"deadline.":[33],"Therefore,":[34],"it":[35],"retains":[37],"vulnerability":[39,139,147,163],"holes":[40],"from":[41],"development":[43],"phase":[44],"operational":[47],"phase.":[48],"Coding":[49],"flaws,":[50],"improper":[51],"input":[52],"sanitization,":[53],"server":[54],"misconfiguration,":[55],"etc.":[56],"causes":[57],"vulnerable":[60],"an":[62,78],"attacker,":[63],"which":[64],"may":[65],"lead":[66],"service":[68],"interruption":[69],"and":[70,106],"theft":[71],"valuable":[73],"information.":[74],"This":[75],"paper":[76],"conducts":[77],"empirical":[79],"analysis":[80],"e-commerce":[82,166],"web":[84,90,99],"evaluate":[87,111],"current":[89],"security":[92,101],"scenario":[93],"in":[94,164],"Bangladesh.":[95],"The":[96],"most":[97,137],"prominent":[98],"scanner":[102],"named":[103],"as":[104,151],"Acunetix":[105],"Nikto":[107],"were":[108,143],"used":[109],"this":[112,146],"study.":[113],"A":[114],"breakdown":[115],"has":[116],"conjured":[117],"on":[119],"analytical":[120],"results":[121],"find":[123],"out":[124],"types":[126],"vulnerability.":[128],"It":[129],"is":[130],"concluded":[131],"that":[132],"Cross-Site":[133],"Request":[134],"Forgery":[135],"shows":[136],"frequent":[138],"where":[140],"maximum":[141],"apps":[142],"found":[144],"having":[145],"so":[148],"aptly":[149],"ranked":[150],"number":[152],"one.":[153],"However,":[154],"cross":[155],"site":[156],"scripting":[157],"positioned":[158],"top":[159],"for":[160],"high-level":[161],"risk":[162],"Bangladeshi":[165],"platform.":[167]},"counts_by_year":[{"year":2024,"cited_by_count":3},{"year":2023,"cited_by_count":3},{"year":2022,"cited_by_count":3},{"year":2020,"cited_by_count":1}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}