Dynamic web page technology has become part of the development of the Internet. Dynamic website content that can show different results in each user in accordance with the desired configuration and needs. But behind the advantage that this technology has vulnerabilities. One threat is the use of scripts to gain access to the system by using cookies. Techinque Cross-Site Scripting (XSS) and SQL Injection is a form of attack from the above techniques. Application Server Bina Darma University Digital Library has experienced the problem. The problem in this research, there are still weaknesses in web applications and there has been no improvement scripting program. Tools used in this study is Acunetix Vulnerability Scanner version 6.5 and Shadow Database Scanner version 7.75 for security analysis of web and database servers. The research method used is Action Research. This research was successfully conducted an analysis of security system includes a web server, applications programs and database servers on the system Digital Library of Bina Darma University.