👨💻What is a web application? | What are Web Threats?🗳
A web application (aka website) is an application based on the client-server model. The server provides the database access and the business logic. It is hosted on a web server. The client application runs on the client web browser. Web applications are usually written in languages such as Java, C#, and VB.Net, PHP, ColdFusion Markup Language, etc. the database engines used in web applications include MySQL, MS SQL Server, PostgreSQL, SQLite, etc.
Most web applications are hosted on public servers accessible via the Internet. This makes them vulnerable to attacks due to easy accessibility. The following are common web application threats.
SQL Injection – the goal of this threat could be to bypass login algorithms, sabotage the data, etc.
Denial of Service Attacks – the goal of this threat could be to deny legitimate users access to the resource
Cross Site Scripting XSS – the goal of this threat could be to inject code that can be executed on the client side browser.
Cookie/Session Poisoning – the goal of this threat is to modify cookies/session data by an attacker to gain unauthorized access.
Form Tampering – the goal of this threat is to modify form data such as prices in e-commerce applications so that the attacker can get items at reduced prices.
Code Injection – the goal of this threat is to inject code such as PHP, Python, etc. that can be executed on the server. The code can install backdoors, reveal sensitive information, etc.
Defacement – the goal of this threat is to modify the page been displayed on a website and redirecting all page requests to a single page that contains the attacker’s message.
Top comments (0)