Web-based academic systems have become an essential component in managing educational data, including student records, lecturer data, grades, class schedules, and other academic administration processes. The implementation of web technology enables educational institutions to improve efficiency, speed, and accuracy in processing academic information in an integrated manner, and provides easy access for users anytime and anywhere. However, this openness also introduces various security risks that may threaten data confidentiality and system reliability. One of the most common security threats in web applications is the SQL Injection attack, which exploits weaknesses in user input handling, particularly in applications connected to databases. Through this attack, malicious actors can insert harmful SQL commands to gain unauthorized access, modify data, or delete critical information. This study aims to analyze the vulnerability level of a web-based academic system to SQL Injection attacks and to identify appropriate prevention measures. The research method employs a case study approach and literature analysis with simulated attacks on login forms and data input features. The results indicate that systems lacking input validation, data sanitization, and prepared statements are highly vulnerable to SQL Injection attacks. Therefore, the implementation of proper security mechanisms is essential to protect academic data.
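The contrast the results describe, shown on a data input feature as an added example that is not code from the study: a grade lookup built by string concatenation beside the same lookup with allowlist validation and a prepared statement. The `grades` schema, the 8-digit ID format, the function names and all sample rows and inputs are assumptions constructed for illustration.

```python
import re
import sqlite3

STUDENT_ID = re.compile(r"[0-9]{8}")  # assumed ID format (hypothetical)
HOSTILE = "x' OR '1'='1"  # constructed test input: quote plus tautology


def make_db():
    """In-memory database with constructed sample grades."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE grades (student_id TEXT, course TEXT, grade TEXT)")
    db.executemany("INSERT INTO grades VALUES (?, ?, ?)", [
        ("20260001", "Databases", "A"),
        ("20260001", "Networks", "B"),
        ("20260002", "Databases", "C"),
    ])
    return db


def grades_vulnerable(db, student_id):
    """Anti-pattern: input is concatenated into the SQL text."""
    sql = ("SELECT course, grade FROM grades WHERE student_id = '"
           + student_id + "' ORDER BY course")
    return db.execute(sql).fetchall()


def grades_bound_only(db, student_id):
    """Prepared statement: the value is bound as data, never parsed as SQL."""
    sql = "SELECT course, grade FROM grades WHERE student_id = ? ORDER BY course"
    return db.execute(sql, (student_id,)).fetchall()


def grades_safe(db, student_id):
    """Allowlist validation first, then the bound-parameter query."""
    if not STUDENT_ID.fullmatch(student_id):
        raise ValueError("student_id must be exactly 8 digits")
    return grades_bound_only(db, student_id)


if __name__ == "__main__":
    db = make_db()
    print("vulnerable:", grades_vulnerable(db, HOSTILE))
    print("bound only:", grades_bound_only(db, HOSTILE))
    try:
        grades_safe(db, HOSTILE)
    except ValueError as exc:
        print("validated :", exc)
```

The concatenated query returns every student's rows for the hostile input, the bound query returns none, and the validated variant rejects the input before it reaches the database.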
Copyrights © 2026