Vulnerability Analysis of Content Management Systems to SQL Injection Using SQLMAP

Olajide Ojagbule, Hayden Wimmer, Rami Haddad

Research output: Contribution to journalArticlepeer-review

14 Scopus citations

Abstract

There are over 1 billion websites today, and most of them are designed using content management systems. Cybersecurity is one of the most discussed topics when it comes to a web application and protecting the confidentiality, integrity of data has become paramount. SQLi is one of the most commonly used techniques that hackers use to exploit a security vulnerability in a web application. In this paper, we compared SQLi vulnerabilities found on the three most commonly used content management systems using a vulnerability scanner called Nikto, then SQLMAP for penetration testing. This was carried on default WordPress, Drupal and Joomla website pages installed on a LAMP server (Iocalhost). Results showed that each of the content management systems was not susceptible to SQLi attacks but gave warnings about other vulnerabilities that could be exploited. Also, we suggested practices that could be implemented to prevent SQL injections.

Original languageAmerican English
JournalIEEE SoutheastCon 2018 Conference Proceeding
DOIs
StatePublished - Oct 4 2018

DC Disciplines

  • Computer Sciences

Fingerprint

Dive into the research topics of 'Vulnerability Analysis of Content Management Systems to SQL Injection Using SQLMAP'. Together they form a unique fingerprint.

Cite this