Vulnerability of injection attacks against the application security of framework based websites open web access security project (OWASP)

Imam Riadi, Rusydi Umar, Wasito Sukarno


The development of website applications is currently growing rapidly, but it is not followed by a good security system that can cause the number of security holes that can be entered by the attacker. The number of website applications that are vulnerable to injection attacks to make managers must be aware of and often update and immediately close the security gap. Website applications that have good security will become more secure but the application is still vulnerable to injection attacks. Updating and changing passwords periodically will be better than in fix. Many security hints and risks are released by Open Web Application Security Project (OWASP) TOP 10-2017 as well as a reference in wary of security risks in the application.


Website Applications; Injection; Security; OWASP

Full Text:



Farhood Norouzizadeh Dezfoli, Ali Dehghantanha, Ramlan Mahmoud, Nor Fazlida binti Mohd Sani, Farid Daryabar. Digital Forensic Trens and Future. IJCSDF. 2013, Vol 2: 48-76.

Imam Riadi, Eddy Irawan Aristianto. An Analysis of Vulnerability Web Against Attack Unrestricted Image File Upload. Computer Engineering and Applications. 2016, Vol 5, No 1: 19-28.

Desti Mualifah, Imam Riadi, Network Forensics For Detecting Flooding Attack on Web Server. IJCSIS.2017, Vol 15, No 2: 326-331.

Ade Kurniawan, Imam Riadi. Forensic Analysis and Prevent of Cross Site Scripting in Single Victim Attack Using Open Web Application Security Project (OWASP) Framework. JATIT. 2017, Vol 95, No 6: 1363-1371.

Albert Sagala, Elni Manurung, Binsar Siahaan dan Rusman Marpaung. Deteksi, Identifikasi dan Penanganan Web Menggunakan SQL Injection dan Cross Site Scripting. Seminar Nasional Ilmu Komputer 2014, 1-7.

Rahajeng Ellysa, Muchammad Husni, dan Baskoro Adi Pratomo. Jurusan Teknik Informatika, Fakultas Teknologi Informasi, Institut Teknologi Sepuluh Nopember (ITS) Pendeteksi Serangan SQL Injection Menggunakan Algoritma SQL Injection Free Secure pada Aplikasi Web. Jurnal Teknik POMITS. 2013, Vol. 2, No. 1: 1-6.

W. Halfond, A. Orso, AMNESIA: Analysis and Monitoring for Netralizing SQL-Injection Attacks, 2005.

OWASP. SQL Injection [Internet]. 2009 [diperbaharui pada 3 Februari 2009; disitat pada 28 Juni 2013]. Bisa diakses pada:

Rudi Samuel Pardosi Cyber Security Research Center. “ Kali Linux Top Hacking”, 2015

Open Web Application Security Project (OWASP) TOP 10 Application Security Risks 2017 akses Website:


Article Metrics

Abstract view : 198 times
PDF - 92 times


  • There are currently no refbacks.

Copyright (c) 2018

Creative Commons License
This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.


ISSN : 1978-0524 (print) | 2528-6374 (online)

Creative Commons License
This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.

View JIFO stats