Skip to main content

Top 3 Most Popular Web Application Vulnerabilities - Security Scans of 396 Open Source Web Applications

Article Reads:9238

Since 2011 Web Application Vulnerability scanners scanned 396 open source web applications. The scanners identified 269 vulnerabilities and a popular web vulnerability scanner published 114 advisories about the 0-day ones. 32 of the advisories include details about multiple vulnerabilities. According to the statistics above, around 30% of the open source web applications we scanned had some sort of direct impact vulnerability.


Out of the 269 vulnerabilities a specific scanner detected the web vulnerability scanners identified:

  • 180 were Cross-site Scripting vulnerabilities. These include reflected, stored, DOM Based XSS and XSS via RFI.
  • 55 were SQL Injection vulnerabilities. These also include the Boolean and Blind (Time Based) SQL Injections.
  • 16 were File Inclusion vulnerabilities, including both remote and local file inclusions.

The rest of the vulnerability types are CSRF, Remote Command Execution, Command Injection, Open Redirection, HTTP Header Injection (web server software issue) and Frame injection.

Your IP address:

FREE Hyper-V & VMware Backup

FREE Hyper-V & VMware Backup

Wi-Fi Key Generator

Generate/Crack any

Network and Server Monitoring

Network and Server Monitoring


Cisco Password Crack

Decrypt Cisco Type-7 Passwords on the fly!

Decrypt Now!

Bandwidth Monitor

Bandwidth Monitor

Free PatchManager

Free PatchManager

EventLog Analyzer

ManageEngine Eventlog Analyzer

Firewall Analyzer

zoho firewall analyzer