SQL Query Injection a Hazard Using Web Application

Most information systems and business applications built nowadays have a web frontend and they need to be universally available to clients, employees and partners around the world, as the digital economy is becoming more and more prevalent in the global economy. These web applications, which can be accessed from anywhere, become so widely exposed that any existing security vulnerability will most probably be uncovered and exploited by hackers. SQLi and XSS allow attackers to access unauthorized data (read, insert, change or delete), gain access to privileged database accounts. The data may contain credit card numbers, account numbers, social security numbers, user names, passwords, email accounts, etc. These goods have a huge demand in the underground economy, which indicate that they have a higher cost/benefit ratio compared to other types of attacks