Web Application Vulnerability Report 2019

SUMMARY

This security report finds that 35% of the websites and web applications examined could be subject to at least one high-severity vulnerability.

The research also gives an overview of the most commonly found web application and network perimeter vulnerabilities. For many companies, the paper explains, security has to be automated and incorporated as an integral part of the development process. Web application vulnerabilities represent an increasingly important threat to the security of companies. In that respect, automation can help make business application security more complete and dynamic.

The research showed that 2% of sampled targets were vulnerable to remote code execution (RCE), which is still a concerning figure considering its potential impact. It also found that 14% of sampled targets were vulnerable to at least one SQL injection (SQLi). This figure has been going down over the years, which means that developers are becoming wiser to the dangers of SQLi.

On the other hand, 2% of sampled targets were vulnerable to Directory Traversal, and 1% of targets were found to be vulnerable to Local File Inclusion. Meanwhile, a concerning 32% of sampled targets were vulnerable to at least one form of Cross-Site Scripting (XSS). XSS and social engineering enable attackers to steal cookies and impersonate users, and to carry out keylogging, phishing and identity theft, the report notes.

More than one-quarter of sampled targets were found to use JavaScript libraries with known XSS vulnerabilities. The report also revealed that 1% of sampled targets were found to use weak passwords.

Report download requires free registration on publisher’s website.

OUTLINE

Introduction

Methodology

The Dataset

Vulnerabilities at a Glance

High Severity

Medium Severity

Vulnerability Severity

Remote Code Execution

SQL Injection (SQLi)

Local File Inclusion and Directory Traversal

Cross-site Scripting (XSS)

Vulnerable JavaScript Libraries

Weak Passwords

Source Code Disclosure

Server-side Request Forgery

Overflow Vulnerabilities

Perimeter Network Vulnerabilities

DoS Related Vulnerabilities

Cross-site Request Forgery

Host Header Injection

Directory Listing

TLS/SSL Vulnerabilities

WordPress Vulnerabilities

Web Server Vulnerabilities and Misconfigurations

Conclusion

About Acunetix

DETAILS

Overview

Researchfinder Rating: 4 out of 5 stars
Title: Web Application Vulnerability Report 2019
Region: Global
Published: Feb. 4, 2019
Publisher: Acunetix
Price: Free
Language: English

Content

Number of Pages: 27
Number of Tables: 3
Number of Exhibits: 20
Topics: security
Tags: acunetix, application security, application software, automation, global, network security, security, server security
Methodology: This report includes the analysis of vulnerabilities detected over the previous year, across 10,000 scan targets.

EVALUATION

An insightful piece of research that looks at the most commonly encountered web application and network perimeter vulnerabilities.

Positives:

  • Understandable language
  • Great tables
  • Interesting findings about security vulnerabilities and how to address them