The Impact of Web Vulnerability Exploitation on Data Integrity: A Review of Developers’ Ethical and Legal Obligations
DOI: https://doi.org/10.65310/wjahqt98
Keywords: Data Integrity, SQL Injection, Cybersecurity Law, Professional Ethics, Web Vulnerability.
Abstract
Web application security vulnerabilities, specifically SQL injection, pose a critical threat to data integrity, directly undermining the foundational security pillars of accuracy, completeness, and consistency. This study investigates the impact of such exploits through controlled black-box penetration testing on vulnerable prototypes, subsequently analyzing the findings against ethical engineering frameworks and Indonesian cyber law regulations. Empirical evidence demonstrates that inadequate security configurations lead to unauthorized data exfiltration and mass manipulation, which constitutes a severe breach of professional developer responsibilities. The research highlights that technical failures are inextricably linked to legal and ethical accountability, necessitating a transition from reactive patching to a proactive, security-by-design development paradigm. By mapping technical vulnerabilities to the governing legal statutes and professional ethics codes, this article establishes a mandate for developers to prioritize robust security architectures. The study underscores that strengthening digital resilience requires a cohesive integration of advanced technical defense mechanisms with strict adherence to national regulatory frameworks to ensure long-term data security and institutional accountability in the digital era.
License
Copyright (c) 2026 Muhamad Nazry Khoiry, Evy Nurmiati (Author)

This work is licensed under a Creative Commons Attribution 4.0 International License.




















