Comparative analysis of web security in open source content management system

Abstract

Internet has become priceless tool that enables corporate world to show their capabilities. While Web applications have gained importance on the Internet, security is the only thing to worry. Business data is very critical that floats on the cloud and that's why Web Application Security is rapidly becoming a growing concern for all enterprises. In this paper we tried to show what is Hacking and its symptoms. In web development Content Management System (CMS) is gaining so much popularity as it uses to make easy editing and publishing process for novice even if he doesn't know web programming. There are over thousand of open source CMS available in the market. When we just talk about content management concept two or three names like Joomla, Drupal and WordPress strike in mind. As these are the one of the best CMSs in the market and their community provides nice basic security still we want to compare these CMS and want to know which CMS provides best security. To do the comparison we have done two case studies. In case 1 we have developed one common page in all CMS and host it then after we have applied different web attacks like SQLi, XSS, CSRF etc. and derived their hacking results. In case 2 we used Acunetix WVS Reporter v6.0 to find out the strength of security in different CMS. Apart from this we also try to find out Broken links in all listed CMSs.