Statistics 2012: security flaws in web applications
These statistics, analyzed in 2012 by HTTPCS, show the extent to which sectors of activity can be affected by security vulnerabilities.
HTTPCS Statistics in 2012
Web application security vulnerabilities
By criticality level
- extremely critical: 8%
- very critical : 37%
- critical : 38%
- less critical : 17%
By vulnerability type
- XSS (Cross Site Scripting) : 41%.
- SQLI (SQL Injection) : 34%.
- TRV (Directory Transversal) : 11%.
- LFI (Local File Inclusion) : 7,2 %.
- PCI (PHP Code Injection) : 5%.
- RFI (Remote File Inclusion) : 1,4 %.
- SCI (Shell Code Injection) : 0,4 %.
By Top Level Domain
- .com : 28%
- .net : 16%
- .fr : 13%
- .ma : 11%
- .dz : 9.4%
- .tn : 8.2%
- .be : 5%
- .es : 2.4%
- .org : 2%
- .ch : 1.5%
- .biz : 0.3%
- others : 3.2%
