TPSQLi: Test Prioritization for SQL Injection Vulnerability Detection in Web Applications

📅 2025-09-13
📈 Citations: 0
Influential: 0
🤖 AI Summary
To address low detection efficiency, high testing overhead, and delayed response to high-risk SQL injection vulnerabilities in web applications, this paper proposes a dynamic test prioritization method leveraging historical test results. The core innovation is a time-adjustable “defense strength vector” that enables an adaptive prioritization framework tailored to software evolution: vulnerability risk and defense capability are modeled as vectors, and test case execution order is dynamically optimized via time-series sensitivity analysis. Experimental evaluation demonstrates that the method significantly improves SQL injection detection speed—reducing median detection time by 37%—while maintaining low testing overhead. It also enhances detection continuity and increases the high-severity vulnerability detection rate by 28.5%. Collectively, these advances enable rapid, security-aware feedback within agile development pipelines.

📝 Abstract
The rapid proliferation of network applications has led to a significant increase in network attacks. According to the OWASP Top 10 Projects report released in 2021, injection attacks rank among the top three vulnerabilities in software projects. This growing threat landscape has increased the complexity and workload of software testing, necessitating advanced tools to support agile development cycles. This paper introduces a novel test prioritization method for SQL injection vulnerabilities to enhance testing efficiency. By leveraging previous test outcomes, our method adjusts defense strength vectors for subsequent tests, optimizing the testing workflow and tailoring defense mechanisms to specific software needs. This approach aims to improve the effectiveness and efficiency of vulnerability detection and mitigation through a flexible framework that incorporates dynamic adjustments and considers the temporal aspects of vulnerability exposure.
Problem

Research questions and friction points this paper is trying to address.

Prioritizing SQL injection tests for web applications
Optimizing testing workflow using previous test outcomes
Enhancing vulnerability detection efficiency with dynamic adjustments
Innovation

Methods, ideas, or system contributions that make the work stand out.

Prioritizes SQL injection tests using outcomes
Adjusts defense vectors based on previous results
Dynamic framework optimizes vulnerability detection efficiency
Guan-Yan Yang
Department of Electrical Engineering, National Taiwan University
Farn Wang
Department of Electrical Engineering, National Taiwan University
You-Zong Gu
Department of Electrical Engineering, National Taiwan University; CyberLink Corporation
Ya-Wen Teng
Department of Electrical Engineering, National Taiwan University
Kuo-Hui Yeh
National Yang Ming Chiao Tung University
Security, Privacy
Ping-Hsueh Ho
Department of Electrical Engineering, National Taiwan University
Wei-Ling Wen
Department of Electrical Engineering, National Taiwan University