Vulnerabilities that threaten web applications in Afghanistan

چکیده

Familiarizing web developers with different types of vulnerabilities lead to the creation of secure web applications. In the last few decades there has been considerable interest in web hacking which leads to different types of web attacks that can cause financial damages, privacy loss, data loss and life-threatening situations. The aim of this study is to discover the most common web vulnerabilities that exist in Afghanistan’s web applications. We conducted this study by using Netsparker, Skipfish, and Acunetix web vulnerability scanners with the standard web vulnerability assessment (WVA) method. The result shows that almost all the web applications in Afghanistan are vulnerable to different types of cyber-attacks. A total of 997 instances of various types of vulnerabilities detected on 109 web applications from three different domains. This study presents 25 common vulnerabilities, which is more than prior studies. The results of this study familiarize web developers to the most common vulnerabilities that can exist in a typical web application. Therefore, this study will encourage them to take these vulnerabilities into considerations during software development life cycle.