For a long time now SQL Injection has been regarded as a potentially devastating attack vector. Attackers used SQL Injection to steal 40 million credit card numbers from Cardsystems in 2005.
The rise in SQL Injection attacks has been rapid and has made this attack the one the hackers all want to execute in 2008. In 2005 SQL Injection attacks accounted for 0.20% of CVE (Common Vulnerabilities and Exposure) numbers issued compared to 20% so far in 2008. This rise has only been challenged by Cross Site Scripting (XSS) which had figures of 0.18% for 2005 and 15.32% for 2008.
In this article I will briefly explain what a SQL Injection attack exploits, how to prevent them and why I feel the problem will only get worse before it gets better.
Popularity: 1%
