Yeasmin Sultana

Work place: Institute of Information Technology, University of Dhaka, Dhaka 1000, Bangladesh



Research Interests: Computational Science and Engineering, Software Engineering


Yeasmin Sultana is studying for her Master’s degree in Software Engineering at the University of Dhaka. She completed her bachelor's degree majoring in Computer Science and Engineering from Daffodil International University in the year 2022.

Author Articles
Vulnerabilities Assessment of Financial and Government Websites: A Developing Country Perspective

By Md. Asif Khan Rifat Yeasmin Sultana B M Mainul Hossain

DOI:, Pub. Date: 8 Oct. 2023

The growing number of web applications in a developing country like Bangladesh has led to an increase in cybercrime activities. This study focuses on measuring the vulnerabilities present in financial and government websites of Bangladesh to address the rising security concerns. We reviewed related works on web application vulnerability scanners, comparative studies on web application security parameters, surveys on web application penetration testing methodologies and tools, and security analyses of government and financial websites in Bangladesh. Existing studies in the context of developing countries have provided limited insight into web application vulnerabilities and their solutions. These studies have focused on specific vulnerabilities, lacked comprehensive evaluations of security parameters, and offered a limited comparative analysis of vulnerability scanners. Our study aims to address these gaps by conducting an in-depth analysis using the OWASP ZAP tool to scan and analyze risk alerts, including risk levels such as high, medium, low, and informational. Our investigation unveiled eight key vulnerabilities, including Hash Disclosure, SQL injection (SQLi), Cross-Site Request Forgery (CSRF), missing Content Security Policy (CSP) headers, Cross-Domain JavaScript File Inclusion, absence of X-Content-Type-Options headers, Cache-related concerns, and potential Cross-Site Scripting (XSS), which can lead to revealing hidden information, enabling malicious code, and failing to protect against specific types of attacks. In essence, this study does not only reveal major security weaknesses but also provides guidance on how to mitigate them, thereby playing a vital role in promoting enhanced cybersecurity practices within the nation.

[...] Read more.
Other Articles