Detecting SQL Injections From Web Applications
Most of the published attacks in the National Vulnerability database from the year 2007 to till date are on web attacks, statistically there are total 10134 CVEs published. Among them 1479 are SQL injection flaws and 1569 are cross site scripting flaws and millions of attacks are not yet published. Very recent SQL injection and cross site scripting attacks are on most famous websites such as Nokia, and Cisco caused so much of damage. These issues became challenging events for the security industry. SQL Injection attack allows the attackers to fully compromise web database via web application. Cross site scripting attack allows the attackers to modify the web content.