Web Vulnerability Measures for SMEs Article Swipe
Prosper Kandabongee Yeng
,
Bian Yang
,
Benjamin Asubam Weyori
,
Peter Nimbe
,
Terje Solvoll
·
YOU?
·
· 2019
· Open Access
·
YOU?
·
· 2019
· Open Access
·
An investigation was conducted into web vulnerabilities in commonly used web application templates and frameworks (WAFs) systems such as Joomla, WordPress, Moodle and C #.Net framework. A web vulnerability scoring scheme was developed and used to record metrics of the vulnerabilities associated with the web application templates and frameworks. A custom web application was also developed purported to demonstrate how the vulnerabilities could be shielded in web application frameworks (WAFs). The investigations and implementations were guided by Open Web Application Security Project. The study found some of the most common vulnerabilities in the frameworks and templates at different levels. The choice of Content Management Systems (CMS) templates and WAFs for web application systems development can then be guided by this study.
Related Topics
Concepts
Computer science
World Wide Web
Web application security
Web application
Vulnerability (computing)
Web development
Implementation
Web standards
Template
Web application development
Web modeling
Web page
Computer security
Software engineering
Programming language
Metadata
- Type
- article
- Language
- en
- Landing Page
- http://hdl.handle.net/11250/2639523
- http://hdl.handle.net/11250/2639523
- OA Status
- green
- Cited By
- 1
- References
- 12
- Related Works
- 20
- OpenAlex ID
- https://openalex.org/W3004597678
All OpenAlex metadata
Raw OpenAlex JSON
- OpenAlex ID
-
https://openalex.org/W3004597678Canonical identifier for this work in OpenAlex
- Title
-
Web Vulnerability Measures for SMEsWork title
- Type
-
articleOpenAlex work type
- Language
-
enPrimary language
- Publication year
-
2019Year of publication
- Publication date
-
2019-11-20Full publication date if available
- Authors
-
Prosper Kandabongee Yeng, Bian Yang, Benjamin Asubam Weyori, Peter Nimbe, Terje SolvollList of authors in order
- Landing page
-
https://hdl.handle.net/11250/2639523Publisher landing page
- PDF URL
-
https://hdl.handle.net/11250/2639523Direct link to full text PDF
- Open access
-
YesWhether a free full text is available
- OA status
-
greenOpen access status per OpenAlex
- OA URL
-
https://hdl.handle.net/11250/2639523Direct OA link when available
- Concepts
-
Computer science, World Wide Web, Web application security, Web application, Vulnerability (computing), Web development, Implementation, Web standards, Template, Web application development, Web modeling, Web page, Computer security, Software engineering, Programming languageTop concepts (fields/topics) attached by OpenAlex
- Cited by
-
1Total citation count in OpenAlex
- Citations by year (recent)
-
2020: 1Per-year citation counts (last 5 years)
- References (count)
-
12Number of works referenced by this work
- Related works (count)
-
20Other works algorithmically related by OpenAlex
Full payload
| id | https://openalex.org/W3004597678 |
|---|---|
| doi | |
| ids.mag | 3004597678 |
| ids.openalex | https://openalex.org/W3004597678 |
| fwci | 0.36401004 |
| type | article |
| title | Web Vulnerability Measures for SMEs |
| biblio.issue | |
| biblio.volume | 12 |
| biblio.last_page | |
| biblio.first_page | |
| topics[0].id | https://openalex.org/T12479 |
| topics[0].field.id | https://openalex.org/fields/17 |
| topics[0].field.display_name | Computer Science |
| topics[0].score | 1.0 |
| topics[0].domain.id | https://openalex.org/domains/3 |
| topics[0].domain.display_name | Physical Sciences |
| topics[0].subfield.id | https://openalex.org/subfields/1710 |
| topics[0].subfield.display_name | Information Systems |
| topics[0].display_name | Web Application Security Vulnerabilities |
| topics[1].id | https://openalex.org/T11424 |
| topics[1].field.id | https://openalex.org/fields/17 |
| topics[1].field.display_name | Computer Science |
| topics[1].score | 0.9959999918937683 |
| topics[1].domain.id | https://openalex.org/domains/3 |
| topics[1].domain.display_name | Physical Sciences |
| topics[1].subfield.id | https://openalex.org/subfields/1702 |
| topics[1].subfield.display_name | Artificial Intelligence |
| topics[1].display_name | Security and Verification in Computing |
| topics[2].id | https://openalex.org/T10734 |
| topics[2].field.id | https://openalex.org/fields/17 |
| topics[2].field.display_name | Computer Science |
| topics[2].score | 0.9911999702453613 |
| topics[2].domain.id | https://openalex.org/domains/3 |
| topics[2].domain.display_name | Physical Sciences |
| topics[2].subfield.id | https://openalex.org/subfields/1710 |
| topics[2].subfield.display_name | Information Systems |
| topics[2].display_name | Information and Cyber Security |
| is_xpac | False |
| apc_list | |
| apc_paid | |
| concepts[0].id | https://openalex.org/C41008148 |
| concepts[0].level | 0 |
| concepts[0].score | 0.6956060528755188 |
| concepts[0].wikidata | https://www.wikidata.org/wiki/Q21198 |
| concepts[0].display_name | Computer science |
| concepts[1].id | https://openalex.org/C136764020 |
| concepts[1].level | 1 |
| concepts[1].score | 0.6825495362281799 |
| concepts[1].wikidata | https://www.wikidata.org/wiki/Q466 |
| concepts[1].display_name | World Wide Web |
| concepts[2].id | https://openalex.org/C59241245 |
| concepts[2].level | 4 |
| concepts[2].score | 0.6754627823829651 |
| concepts[2].wikidata | https://www.wikidata.org/wiki/Q4781497 |
| concepts[2].display_name | Web application security |
| concepts[3].id | https://openalex.org/C118643609 |
| concepts[3].level | 2 |
| concepts[3].score | 0.5417031645774841 |
| concepts[3].wikidata | https://www.wikidata.org/wiki/Q189210 |
| concepts[3].display_name | Web application |
| concepts[4].id | https://openalex.org/C95713431 |
| concepts[4].level | 2 |
| concepts[4].score | 0.5248092412948608 |
| concepts[4].wikidata | https://www.wikidata.org/wiki/Q631425 |
| concepts[4].display_name | Vulnerability (computing) |
| concepts[5].id | https://openalex.org/C79373723 |
| concepts[5].level | 3 |
| concepts[5].score | 0.5129706263542175 |
| concepts[5].wikidata | https://www.wikidata.org/wiki/Q386275 |
| concepts[5].display_name | Web development |
| concepts[6].id | https://openalex.org/C26713055 |
| concepts[6].level | 2 |
| concepts[6].score | 0.48865774273872375 |
| concepts[6].wikidata | https://www.wikidata.org/wiki/Q245962 |
| concepts[6].display_name | Implementation |
| concepts[7].id | https://openalex.org/C182321512 |
| concepts[7].level | 3 |
| concepts[7].score | 0.4788067936897278 |
| concepts[7].wikidata | https://www.wikidata.org/wiki/Q1153289 |
| concepts[7].display_name | Web standards |
| concepts[8].id | https://openalex.org/C82714645 |
| concepts[8].level | 2 |
| concepts[8].score | 0.4761785864830017 |
| concepts[8].wikidata | https://www.wikidata.org/wiki/Q438331 |
| concepts[8].display_name | Template |
| concepts[9].id | https://openalex.org/C120927855 |
| concepts[9].level | 4 |
| concepts[9].score | 0.465016633272171 |
| concepts[9].wikidata | https://www.wikidata.org/wiki/Q189210 |
| concepts[9].display_name | Web application development |
| concepts[10].id | https://openalex.org/C130436687 |
| concepts[10].level | 3 |
| concepts[10].score | 0.44266802072525024 |
| concepts[10].wikidata | https://www.wikidata.org/wiki/Q7978591 |
| concepts[10].display_name | Web modeling |
| concepts[11].id | https://openalex.org/C21959979 |
| concepts[11].level | 2 |
| concepts[11].score | 0.37500637769699097 |
| concepts[11].wikidata | https://www.wikidata.org/wiki/Q36774 |
| concepts[11].display_name | Web page |
| concepts[12].id | https://openalex.org/C38652104 |
| concepts[12].level | 1 |
| concepts[12].score | 0.2841795086860657 |
| concepts[12].wikidata | https://www.wikidata.org/wiki/Q3510521 |
| concepts[12].display_name | Computer security |
| concepts[13].id | https://openalex.org/C115903868 |
| concepts[13].level | 1 |
| concepts[13].score | 0.21508997678756714 |
| concepts[13].wikidata | https://www.wikidata.org/wiki/Q80993 |
| concepts[13].display_name | Software engineering |
| concepts[14].id | https://openalex.org/C199360897 |
| concepts[14].level | 1 |
| concepts[14].score | 0.0 |
| concepts[14].wikidata | https://www.wikidata.org/wiki/Q9143 |
| concepts[14].display_name | Programming language |
| keywords[0].id | https://openalex.org/keywords/computer-science |
| keywords[0].score | 0.6956060528755188 |
| keywords[0].display_name | Computer science |
| keywords[1].id | https://openalex.org/keywords/world-wide-web |
| keywords[1].score | 0.6825495362281799 |
| keywords[1].display_name | World Wide Web |
| keywords[2].id | https://openalex.org/keywords/web-application-security |
| keywords[2].score | 0.6754627823829651 |
| keywords[2].display_name | Web application security |
| keywords[3].id | https://openalex.org/keywords/web-application |
| keywords[3].score | 0.5417031645774841 |
| keywords[3].display_name | Web application |
| keywords[4].id | https://openalex.org/keywords/vulnerability |
| keywords[4].score | 0.5248092412948608 |
| keywords[4].display_name | Vulnerability (computing) |
| keywords[5].id | https://openalex.org/keywords/web-development |
| keywords[5].score | 0.5129706263542175 |
| keywords[5].display_name | Web development |
| keywords[6].id | https://openalex.org/keywords/implementation |
| keywords[6].score | 0.48865774273872375 |
| keywords[6].display_name | Implementation |
| keywords[7].id | https://openalex.org/keywords/web-standards |
| keywords[7].score | 0.4788067936897278 |
| keywords[7].display_name | Web standards |
| keywords[8].id | https://openalex.org/keywords/template |
| keywords[8].score | 0.4761785864830017 |
| keywords[8].display_name | Template |
| keywords[9].id | https://openalex.org/keywords/web-application-development |
| keywords[9].score | 0.465016633272171 |
| keywords[9].display_name | Web application development |
| keywords[10].id | https://openalex.org/keywords/web-modeling |
| keywords[10].score | 0.44266802072525024 |
| keywords[10].display_name | Web modeling |
| keywords[11].id | https://openalex.org/keywords/web-page |
| keywords[11].score | 0.37500637769699097 |
| keywords[11].display_name | Web page |
| keywords[12].id | https://openalex.org/keywords/computer-security |
| keywords[12].score | 0.2841795086860657 |
| keywords[12].display_name | Computer security |
| keywords[13].id | https://openalex.org/keywords/software-engineering |
| keywords[13].score | 0.21508997678756714 |
| keywords[13].display_name | Software engineering |
| language | en |
| locations[0].id | pmh:oai:ntnuopen.ntnu.no:11250/2639523 |
| locations[0].is_oa | True |
| locations[0].source.id | https://openalex.org/S4363605262 |
| locations[0].source.issn | |
| locations[0].source.type | other |
| locations[0].source.is_oa | False |
| locations[0].source.issn_l | |
| locations[0].source.is_core | False |
| locations[0].source.is_in_doaj | False |
| locations[0].source.display_name | 116 |
| locations[0].source.host_organization | |
| locations[0].source.host_organization_name | |
| locations[0].license | other-oa |
| locations[0].pdf_url | http://hdl.handle.net/11250/2639523 |
| locations[0].version | submittedVersion |
| locations[0].raw_type | info:eu-repo/semantics/article |
| locations[0].license_id | https://openalex.org/licenses/other-oa |
| locations[0].is_accepted | False |
| locations[0].is_published | False |
| locations[0].raw_source_name | 1-16 |
| locations[0].landing_page_url | http://hdl.handle.net/11250/2639523 |
| locations[1].id | mag:3004597678 |
| locations[1].is_oa | False |
| locations[1].source | |
| locations[1].license | |
| locations[1].pdf_url | |
| locations[1].version | |
| locations[1].raw_type | |
| locations[1].license_id | |
| locations[1].is_accepted | False |
| locations[1].is_published | |
| locations[1].raw_source_name | |
| locations[1].landing_page_url | https://ojs.bibsys.no/index.php/NISK/article/download/706/576 |
| authorships[0].author.id | https://openalex.org/A5008690111 |
| authorships[0].author.orcid | https://orcid.org/0000-0003-2553-5936 |
| authorships[0].author.display_name | Prosper Kandabongee Yeng |
| authorships[0].author_position | first |
| authorships[0].raw_author_name | Prosper Kandabongee Yeng |
| authorships[0].is_corresponding | False |
| authorships[1].author.id | https://openalex.org/A5076903652 |
| authorships[1].author.orcid | |
| authorships[1].author.display_name | Bian Yang |
| authorships[1].author_position | middle |
| authorships[1].raw_author_name | Bian Yang |
| authorships[1].is_corresponding | False |
| authorships[2].author.id | https://openalex.org/A5064716614 |
| authorships[2].author.orcid | https://orcid.org/0000-0001-5422-4251 |
| authorships[2].author.display_name | Benjamin Asubam Weyori |
| authorships[2].author_position | middle |
| authorships[2].raw_author_name | Benjamin A. Weyori |
| authorships[2].is_corresponding | False |
| authorships[3].author.id | https://openalex.org/A5068146656 |
| authorships[3].author.orcid | https://orcid.org/0000-0002-6823-5274 |
| authorships[3].author.display_name | Peter Nimbe |
| authorships[3].author_position | middle |
| authorships[3].raw_author_name | Peter Nimbe |
| authorships[3].is_corresponding | False |
| authorships[4].author.id | https://openalex.org/A5027820336 |
| authorships[4].author.orcid | https://orcid.org/0000-0001-8874-7106 |
| authorships[4].author.display_name | Terje Solvoll |
| authorships[4].author_position | last |
| authorships[4].raw_author_name | Terje Solvoll |
| authorships[4].is_corresponding | False |
| has_content.pdf | True |
| has_content.grobid_xml | False |
| is_paratext | False |
| open_access.is_oa | True |
| open_access.oa_url | http://hdl.handle.net/11250/2639523 |
| open_access.oa_status | green |
| open_access.any_repository_has_fulltext | False |
| created_date | 2025-10-10T00:00:00 |
| display_name | Web Vulnerability Measures for SMEs |
| has_fulltext | False |
| is_retracted | False |
| updated_date | 2025-11-06T04:12:42.849631 |
| primary_topic.id | https://openalex.org/T12479 |
| primary_topic.field.id | https://openalex.org/fields/17 |
| primary_topic.field.display_name | Computer Science |
| primary_topic.score | 1.0 |
| primary_topic.domain.id | https://openalex.org/domains/3 |
| primary_topic.domain.display_name | Physical Sciences |
| primary_topic.subfield.id | https://openalex.org/subfields/1710 |
| primary_topic.subfield.display_name | Information Systems |
| primary_topic.display_name | Web Application Security Vulnerabilities |
| related_works | https://openalex.org/W1999844813, https://openalex.org/W2540347421, https://openalex.org/W1877404780, https://openalex.org/W3110436441, https://openalex.org/W1583761149, https://openalex.org/W1533010594, https://openalex.org/W2729435159, https://openalex.org/W2002855705, https://openalex.org/W1593310996, https://openalex.org/W204070137, https://openalex.org/W2353539331, https://openalex.org/W2587249013, https://openalex.org/W9261052, https://openalex.org/W2145262256, https://openalex.org/W1788682449, https://openalex.org/W2227103352, https://openalex.org/W174654409, https://openalex.org/W157362134, https://openalex.org/W1560103981, https://openalex.org/W2272567649 |
| cited_by_count | 1 |
| counts_by_year[0].year | 2020 |
| counts_by_year[0].cited_by_count | 1 |
| locations_count | 2 |
| best_oa_location.id | pmh:oai:ntnuopen.ntnu.no:11250/2639523 |
| best_oa_location.is_oa | True |
| best_oa_location.source.id | https://openalex.org/S4363605262 |
| best_oa_location.source.issn | |
| best_oa_location.source.type | other |
| best_oa_location.source.is_oa | False |
| best_oa_location.source.issn_l | |
| best_oa_location.source.is_core | False |
| best_oa_location.source.is_in_doaj | False |
| best_oa_location.source.display_name | 116 |
| best_oa_location.source.host_organization | |
| best_oa_location.source.host_organization_name | |
| best_oa_location.license | other-oa |
| best_oa_location.pdf_url | http://hdl.handle.net/11250/2639523 |
| best_oa_location.version | submittedVersion |
| best_oa_location.raw_type | info:eu-repo/semantics/article |
| best_oa_location.license_id | https://openalex.org/licenses/other-oa |
| best_oa_location.is_accepted | False |
| best_oa_location.is_published | False |
| best_oa_location.raw_source_name | 1-16 |
| best_oa_location.landing_page_url | http://hdl.handle.net/11250/2639523 |
| primary_location.id | pmh:oai:ntnuopen.ntnu.no:11250/2639523 |
| primary_location.is_oa | True |
| primary_location.source.id | https://openalex.org/S4363605262 |
| primary_location.source.issn | |
| primary_location.source.type | other |
| primary_location.source.is_oa | False |
| primary_location.source.issn_l | |
| primary_location.source.is_core | False |
| primary_location.source.is_in_doaj | False |
| primary_location.source.display_name | 116 |
| primary_location.source.host_organization | |
| primary_location.source.host_organization_name | |
| primary_location.license | other-oa |
| primary_location.pdf_url | http://hdl.handle.net/11250/2639523 |
| primary_location.version | submittedVersion |
| primary_location.raw_type | info:eu-repo/semantics/article |
| primary_location.license_id | https://openalex.org/licenses/other-oa |
| primary_location.is_accepted | False |
| primary_location.is_published | False |
| primary_location.raw_source_name | 1-16 |
| primary_location.landing_page_url | http://hdl.handle.net/11250/2639523 |
| publication_date | 2019-11-20 |
| publication_year | 2019 |
| referenced_works | https://openalex.org/W2552911211, https://openalex.org/W599446956, https://openalex.org/W1993558273, https://openalex.org/W2071731693, https://openalex.org/W2062394878, https://openalex.org/W2010554864, https://openalex.org/W1782799247, https://openalex.org/W2072644483, https://openalex.org/W1598083179, https://openalex.org/W2169868363, https://openalex.org/W1795549172, https://openalex.org/W2162142914 |
| referenced_works_count | 12 |
| abstract_inverted_index.A | 26, 49 |
| abstract_inverted_index.C | 23 |
| abstract_inverted_index.An | 0 |
| abstract_inverted_index.as | 18 |
| abstract_inverted_index.at | 96 |
| abstract_inverted_index.be | 63, 116 |
| abstract_inverted_index.by | 76, 118 |
| abstract_inverted_index.in | 7, 65, 91 |
| abstract_inverted_index.of | 38, 86, 101 |
| abstract_inverted_index.to | 35, 57 |
| abstract_inverted_index.The | 70, 82, 99 |
| abstract_inverted_index.Web | 78 |
| abstract_inverted_index.and | 13, 22, 33, 47, 72, 94, 107 |
| abstract_inverted_index.can | 114 |
| abstract_inverted_index.for | 109 |
| abstract_inverted_index.how | 59 |
| abstract_inverted_index.the | 39, 43, 60, 87, 92 |
| abstract_inverted_index.was | 2, 31, 53 |
| abstract_inverted_index.web | 5, 10, 27, 44, 51, 66, 110 |
| abstract_inverted_index.Open | 77 |
| abstract_inverted_index.WAFs | 108 |
| abstract_inverted_index.also | 54 |
| abstract_inverted_index.into | 4 |
| abstract_inverted_index.most | 88 |
| abstract_inverted_index.some | 85 |
| abstract_inverted_index.such | 17 |
| abstract_inverted_index.then | 115 |
| abstract_inverted_index.this | 119 |
| abstract_inverted_index.used | 9, 34 |
| abstract_inverted_index.were | 74 |
| abstract_inverted_index.with | 42 |
| abstract_inverted_index.#.Net | 24 |
| abstract_inverted_index.(CMS) | 105 |
| abstract_inverted_index.could | 62 |
| abstract_inverted_index.found | 84 |
| abstract_inverted_index.study | 83 |
| abstract_inverted_index.(WAFs) | 15 |
| abstract_inverted_index.Moodle | 21 |
| abstract_inverted_index.choice | 100 |
| abstract_inverted_index.common | 89 |
| abstract_inverted_index.custom | 50 |
| abstract_inverted_index.guided | 75, 117 |
| abstract_inverted_index.record | 36 |
| abstract_inverted_index.scheme | 30 |
| abstract_inverted_index.study. | 120 |
| abstract_inverted_index.(WAFs). | 69 |
| abstract_inverted_index.Content | 102 |
| abstract_inverted_index.Joomla, | 19 |
| abstract_inverted_index.Systems | 104 |
| abstract_inverted_index.levels. | 98 |
| abstract_inverted_index.metrics | 37 |
| abstract_inverted_index.scoring | 29 |
| abstract_inverted_index.systems | 16, 112 |
| abstract_inverted_index.Project. | 81 |
| abstract_inverted_index.Security | 80 |
| abstract_inverted_index.commonly | 8 |
| abstract_inverted_index.shielded | 64 |
| abstract_inverted_index.conducted | 3 |
| abstract_inverted_index.developed | 32, 55 |
| abstract_inverted_index.different | 97 |
| abstract_inverted_index.purported | 56 |
| abstract_inverted_index.templates | 12, 46, 95, 106 |
| abstract_inverted_index.Management | 103 |
| abstract_inverted_index.WordPress, | 20 |
| abstract_inverted_index.associated | 41 |
| abstract_inverted_index.framework. | 25 |
| abstract_inverted_index.frameworks | 14, 68, 93 |
| abstract_inverted_index.Application | 79 |
| abstract_inverted_index.application | 11, 45, 52, 67, 111 |
| abstract_inverted_index.demonstrate | 58 |
| abstract_inverted_index.development | 113 |
| abstract_inverted_index.frameworks. | 48 |
| abstract_inverted_index.investigation | 1 |
| abstract_inverted_index.vulnerability | 28 |
| abstract_inverted_index.investigations | 71 |
| abstract_inverted_index.implementations | 73 |
| abstract_inverted_index.vulnerabilities | 6, 40, 61, 90 |
| cited_by_percentile_year.max | 94 |
| cited_by_percentile_year.min | 89 |
| countries_distinct_count | 0 |
| institutions_distinct_count | 5 |
| sustainable_development_goals[0].id | https://metadata.un.org/sdg/16 |
| sustainable_development_goals[0].score | 0.6000000238418579 |
| sustainable_development_goals[0].display_name | Peace, Justice and strong institutions |
| citation_normalized_percentile.value | 0.71977363 |
| citation_normalized_percentile.is_in_top_1_percent | False |
| citation_normalized_percentile.is_in_top_10_percent | False |