80% of the vulnerabilities been discovered nowadays are from websites.

SQL injection occurs when an attacker uses SQL scripts to send information to the server by using the website forms and URL's. If, the website form data is not sanitized before been sent to the database it can lead to this attack. Without sanitization, an attacker can post any data they want directly to the database thus been able to access the information stored and alter the information if so desired. It is easy to make an SQL query, insert it into a form field with whichever parameters one desires and this would compromise the security of the website and its data. Using SQL injection, an attacker can capture sensitive information stored in the database like passwords or credit card details. To prevent this attack, the website developer will need to ensure that the website form fields do not accept...
[ View Full Essay]