An SQL (Structured Query Language) injection attack targets interactive Web applications that employ database services. Some papers in literature even refer to stored procedures as a remedy against SQL injection attacks. Injection attack is a method that can inject any kind of malicious string or anomaly string on the original string. During an SQL injection attack, an attacker might provide malicious SQL query segments as user input which could result in a different database request. This technique combines static application code analysis with runtime validation to eliminate the occurrence of such attacks.