Hui RiskSense ka nānā ʻana i nā nāwaliwali o 1622 i nā frameworks a me nā paepae no ka Pūnaewele, i ʻike ʻia mai 2010 a i Nowemapa 2019. ʻO kekahi mau hopena:
- ʻO WordPress a me Apache Struts ka helu no 57% o nā mea nāwaliwali a pau i hoʻomākaukau ʻia no ka hoʻouka ʻana.
E hele mai ana ʻo Drupal, Ruby on Rails a me Laravel. ʻO ka papa inoa o nā paepae me nā nāwaliwali i hoʻohana ʻia e komo pū me Node.js a me Django, akā ua loaʻa iā lākou kēlā me kēia mea nāwaliwali me ka hoʻohana ʻana mai 56 a me 66 mau nāwaliwali i loaʻa. ʻO nā haʻahaʻa maʻamau maʻamau i ka WordPress ʻo ke kākau ʻana i ka paena, a ma Apache Struts he pilikia lākou me ka hōʻoia hoʻokomo. - ʻO nā papahana ma PHP a me nā ʻōlelo Java ke alakaʻi nei i ka helu o nā nāwaliwali me nā hana i loaʻa.
- I ka makahiki 2019, ua emi iho ka huina o nā nāwaliwali, akā ua hoʻonui ʻia ka hapa o nā nāwaliwali me ka hoʻohana ʻana mai 3.9% a i 8.6%, ma muli o ka piʻi ʻana o ka nui o nā hana no Ruby on Rails, WordPress a me Java.
- ʻO ka haʻahaʻa maʻamau i ka laʻana 10 makahiki ʻo ia ka cross-site scripting (XSS). Ma ka laʻana 5 makahiki, he mau nāwaliwali nā alakaʻi i ka hōʻoia hewa ʻana o ka ʻikepili komo (24% o nā nāwaliwali āpau me ka hoʻohana ʻana), a ua hāʻule ʻo XSS i kahi 5th.
- ʻO nā vulnerabilities e hiki ai ke hoʻololi i SQL, code a me nā kauoha he mea liʻiliʻi, akā alakaʻi lākou i ka loaʻa ʻana o nā mea hoʻohana - ua hoʻomākaukau ʻia nā hana no ka ʻoi aku ma mua o 50% o ia mau nāwaliwali (60% no ka hoʻololi kauoha a me 39% no ka hoʻololi code) .
Source: opennet.ru