What is a Web application vulnerability?
A Web application vulnerability is a security weakness in a website or its environment. Vulnerabilities are sort of like holes, and an attacker can get in through the holes to make a website perform actions or do things the site owner didn't intend.
Flaws in a site's code or improper configuration can cause vulnerabilities. Depending on the vulnerability, attackers can do all sorts of things to steal information, disrupt a website or perform other malicious actions.
Vulnerabilities are difficult for Web developers to identify because, in many cases, they do not affect the intended use of the application. Plus, there are hundreds of "known" vulnerabilities and new ones are discovered daily.
For example: If a login page on your site submits credentials in "clear text," the login information is sent to the server unencrypted. Visitors can log in and might not notice any issue.
Attackers who discover the "clear text" vulnerability might try to intercept another visitor's login information to view it.
You can resolve this issue by adding an SSL certificate to your website. SSLs encrypt transactions between visitors and your site, so an attacker cannot view the credentials.
Avoid vulnerabilities by learning more about secure coding standards, and keep your hosting applications up to date with the most recent versions or patches. Use a tool to detect issues, such as Website Protection Site Scanner.
To learn more about common vulnerabilities and how to avoid them, see The Open Web Application Security Project.
Configuring Internet Explorer 8.0 to Work with Website Protection Site Scanner
Retrieving Your Website Protection Site Scanner Seal Code
Verifying Website Control for Website Protection Site Scanner
Multiple Vulnerabilities in JS Calendar 1.5.1 and 1.5.4 for Joomla!
Does Website Protection Site Scanner use bandwidth?
Multiple Vulnerabilities in Translation Management 6.x-1.21
Your message was successfully sent.
There was an error in sending your message, please try again.
Have a question about the content of this article?