Najla’a Ateeq  Mohammed Draib, Abu Bakar  Md Sultan, Abdul Azim  B Abd Ghani, Hazura  Zulzalil, 
    Security Testing of Web Applications for Detecting and Exploiting
Second-Order SQL Injection Vulnerabilities,
    Journal of Engineering and Applied Sciences,
    Volume 13,Issue 20,
    2018,
    Pages 8426-8431,
    ISSN 1816-949x,
    jeasci.2018.8426.8431,
    (https://makhillpublications.co/view-article.php?doi=jeasci.2018.8426.8431)
    Abstract: SQL injection is considered one of the most serious issues affecting web application's security. It
occurs when an attacker tries to access the back-end database of web applications by exploiting improper user
input validation vulnerabilities. There are two types of SQL injection, namely, first-order SQL injection and
second-order SQL injection. Most of the existing research works addressing this issue focus on detecting the
first-order SQL injection with a common assumption that preventing first-order injection attack makes web
applications secure against other SQL injection attacks. However, second-order injection attacks can occur in
applications that are secured against first-order injection attacks. This is a dangerous security problem which
can occasionally, lead to dire consequences. In this study, we present our work-in-progress that uses a static
taint analysis and symbolic execution approach for detecting second-order SQL injection vulnerabilities. We
first use static taint analysis to identify candidate vulnerabilities. Then, we use symbolic execution to generate
those input vectors that make the program execution satisfy conditions and confirm the existence of SQL
injection vulnerabilities. This is the first technique of which we are aware that generates input vectors that
expose second-order SQL injection vulnerabilities. The initial analysis of our proposed approach shows some
promising results.
    Keywords: vulnerability detection;second-order SQL injection;static analysis;Security testing;webapplications;promising results