Detecting vulnerabilities in universities' websites: A Security Analysis

Hackers use various methods to gain unauthorized entry into systems, particularly those operating on Internet platforms. This can be achieved through manual hand-held techniques, predominantly reliant on hacker experience, or by utilizing a specialized tool created either by the hacker themselves or by another information security professional. By utilizing these diverse approaches, hackers aim to pinpoint weaknesses in software, penetrate databases in order to compromise their confidentiality and utilize the information, or prevent access to and deletion of the content on the Website.

The scholar observed during his research at the institution the case study sample, highlighting various efforts to breach the electronic examination and registration systems (two subsystems within the college's primary platform). Consequently, the focus was directed towards detecting potential weaknesses in the fundamental code of the institution's website; precisely assessing the impact of these vulnerabilities. To meet the research goals, the scholar conducted vulnerability tests by inserting code into specific fields on the website pages. Upon receiving affirmative responses multiple times, the scholar proceeded to utilize the Acunetix Web Vulnerability Scanner tool (AWVS) by inputting the URL as the primary entry point and the sub inputs will be the sub links. Following an analysis of the test report, four software vulnerabilities were identified to exist based on the determination made, varying in strength from minor to moderate. These vulnerabilities were accurately pinpointed by identifying the affected areas, assessing the severity of each, and evaluating their implications on the website.