A Survey on XPath Injection
Keywords:
Web Application; Security; Injection Attack; XML; XPath; Vulnerability Detection
Abstract
With the increasing use of internet technologies and online activities, the security of internet resources is threatened day by day by the malicious
activities of attackers. The injection attack is one of the most threatening attacks. Nowadays XML is used as a communication protocol in web
applications. The expressiveness and flexibility of XML give attackers opportunities to perform injection attacks. When XML databases are used
instead of relational databases, web applications are more vulnerable to injection attacks. The major reason XML injection
attacks are more severe than SQL injection attacks is the lack of an access control mechanism in XML databases. This paper introduces XML-based
injection attacks with an example for each and surveys XPath injection vulnerability detection techniques. Vulnerability
detection for XML-based web applications can be done by static analysis or dynamic analysis.


