Implementing Security in a Vulnerable CRM

Alexandru Valentin Besciu

Abstract


The objective of this paper is to scan and analyze a web application developed in early 2013 by the author. The application has been improved constantly since then, but without a security plan. Unfortunately, the application has reached a point where security is no longer optional and needs to be improved. To do this, I scanned the web application files with Acunetix Web Vulnerability Scanner. After the analysis, the results showed which vulnerabilities the application has and how to fix them. After fixing the vulnerabilities, I rescanned the application to see whether any others had appeared because of the new code. The results of the rescan were good, with Acunetix WVS showing only notices.

Keywords


Web, Security, Vulnerabilities, Scanner, Application


Journal of Mobile, Embedded and Distributed Systems (JMEDS) ISSN: 2067 – 4074 (online)