A Survey on SQL Injection Attacks and Prevention Methods

Number of devices connected to internet are increasing day by day. Number of users for web applications is also increased rapidly. Most of the organization will have their website to give information to the users or to provide the service. Database is necessary to store data related to users or to store any information which users are served. SQL is used widely to communicate with the database. In SQL injection attack, malicious SQL statement is executed on the database by the attacker. SQL injection is very serious security threat as it can be employed to steal the content of database, change the values stored in the database, even whole database can be erased. In most of organizations content of database are very confidential and have financial importance for the organization. This review shows how the attack can be mitigated effectively.