Now-a-days use of web applications is rapidly increasing. The authors are using various applications to fulfill the people daily needs such as online shopping, banking, ticket booking etc. Therefore their private data is available on the databases. Because of rapidly increasing use of web applications, the attacks on web applications are also increasing rapidly.SQL injection is one of the most serious attack on web application. It injects the SQL query and allows attackers to gain unrestricted access to databases underlying applications. In this paper they study about the SQL injection attack and its various types.