Since Bangladesh recently announced the Smart Bangladesh concept, the Government has decided to move its national services online. To that end, they have built websites for each sector, including the Land Ministry, to serve the nation. The initial goal of this step is to ensure that the service is equal and hassle-free in both urban and rural areas of the country. With this modern technological support, almost one hundred percent of the Land Ministry’s office work has shifted to online services. However, with these advancements, some drawbacks, such as security concerns related to data safety risks, accessibility, and vulnerabilities, have emerged, threatening the nation’s billions of sensitive data. Common vulnerabilities found on these sites, such as SQLi and XSS, could expose the nation to significant threats. This paper aims to identify various Common Vulnerabilities and Exposures (CVE), Common Weakness Enumerations (CWE), potential XSS vulnerabilities, and SQLi possibilities on the websites of the Land Ministry. To do so, the study employs penetration testing and scans six types of risk alerts (high, medium, low) on the Land Ministry’s websites using OWASP ZAP and Vega tools. Surprisingly, security concerns were not properly addressed during the development phase of these websites in Bangladesh. Based on the collected data and its analysis, this study concludes with an assessment of the current accessibility issues and vulnerabilities on the Land Ministry’s websites.
Cite this paper
Ahmed, N. (2025). Vulnerability and Accessibility Analysis of Bangladesh Ministry of Land’s Government Websites. Open Access Library Journal, 12, e2756. doi: http://dx.doi.org/10.4236/oalib.1112756.
The Great Bangladesh Cyber Heist Shows the Truth Is Stranger than Fiction. https://www.dhakatribune.com/opinion/op-ed/122939/the-great-bangladesh-cyber-heist-shows-truth-is
Con-gresswoman Wants Probe of “Brazen” $81 M Theft from New York Fed. https://nypost.com/2016/03/22/congresswoman-wants-probe-of-brazen-81m-theft-from-new-york-fed/
Farah, T., Alam, D., Ka-bir, M.A. and Bhuiyan, T. (2015) SQLi Penetration Testing of Financial Web Applications: Investigation of Bangladesh Re-gion. 2015 World Congress on Internet Security (WorldCIS), Dublin, 19-21 October 2015, 146-151. https://doi.org/10.1109/worldcis.2015.7359432
Alam, D., Bhuiyan, T., Kabir, M.A. and Farah, T. (2015) SQLi Vul-nerability in Education Sector Websites of Bangladesh. 2015 2nd International Conference on Information Security and Cyber Forensics (InfoSec), Cape Town, 15-17 November 2015, 152-157. https://doi.org/10.1109/infosec.2015.7435521
Alam, D., Kabir, M.A., Bhuiyan, T. and Farah, T. (2015) A Case Study of SQL Injection Vulnerabilities Assessment of .bd Domain Web Applications. 2015 4th International Conference on Cyber Security, Cyber Warfare, and Digital Forensic (CyberSec), Jakarta, 29-31 October 2015, 73-77. https://doi.org/10.1109/cybersec.2015.23
Masum, Md.A., Istiak Sachcha, Md.R. and Nayem, A. (2022) Security Analysis of Government & Financial Websites of Bangladesh. International Journal of Education and Management Engi-neering (IJEME), 12, 21-29.
Hossain, M., Hassan, R., Amjad, M. and Rahman, M. (2021) Web Performance Analysis: An Empirical Analysis of E-Commerce Sites in Bangladesh. International Journal of In-formation Engineering & Electronic Business, 13, 47-54.