Jurnal Ristech (Jurnal Riset, Sains dan Teknologi)

The Book Sales Website is a website used as a medium for buying and access between buyers and sellers, given that the website can be accessed widely. Therefore, it is necessary to pay attention to website security, one of which is to do SQL Injection, SQL Injection is a vulnerability that occurs when an attacker has the ability to influence Structured Query Language (SQL), a query that passes an application to a back-end database. The purpose of this study is to find loopholes, then find out how to test website security, and find solutions to overcome problems with website security on book sales websites. From the book selling website, 1 website is vulnerable to attack attack. The results of testing the website selling books have a vulnerability type High 44%, Medium types 17%, and Low types 39%. The security gap will be tested in order to obtain future solutions for the development of safer websites.