What is SQL injection? This oldie but goodie can make your web applications hurt
SQL injection attacks are well-understood and easily preventable, and the priority for risk mitigation should be preventing SQL injection attacks in the first place. Listen to Little Bobby Tables and sanitize your database inputs. SQL injection, or SQLi, is one of the least sophisticated web application security attacks that can give an adversary complete control over your web application database.