In today's epoch security of web applications has increased. A review held in 2010 shows web application vulnerabilities and SQL Injection Attack (SQLIA) ranked among top five. Intruders who want to access confidential data from data base without having access permissions uses SQL injection attack. In SQLIA adversary requests through a malicious query which shows some confidential data. It is also proved that when a network and host-level entry point is highly secured, the public interface provided by an application is the one and only source of SQL injection attack.