Abstract

The Pervasive Adoption of the Web as an imminent means of information retrieval and other transactions, involving financial consequences like e-banking, online payment of bills, e-shopping etc, have made us more and more dependent on web applications. An unauthorized access to highly sensitive data by an attacker can threaten the Confidentiality, Integrity and Authorization of data. SQL injection attacks are the most perilous attacks to databases and web applications. It stands among top ten most threatening attacks to database security. Various techniques have been developed to curb SQLIA but still the rate of such attacks is increasing day by day. Although numerous techniques and methods have been devised to put an end to SQLI attacks, these methods either fail to discourse all the aspects of attack or have limitations, preventing their use. In this paper, various reasons accountable for such attacks have been identified, analyzed and the existing techniques have been extensively reviewed.