Date Added: Oct 2013
SQL injection attacks have become one of the most common and dangerous Web application security issues on the Internet. SQL injection vulnerabilities occur when an application takes user content data and uses it to construct SQL (Structured Query Language) statements without first properly validating or sanitizing that content. SQL injection attacks take advantage of SQL injection vulnerabilities to steal sensitive data from the database, modify or destroy the stolen data, execute administrative commands on the database, or in some cases take control of the whole machine. In recent years, SQL injection attacks have been used to store malware in databases and then distribute them through Web sites that are hosted on these compromised databases.