SQL: SQL injection is the exploitation of a web app vulnerability. An SQL Injection allows a hacker to access the full content of ones back-end database, which in turn can be viewed, manipulated or deleted! The attacker uses specially crafted input data to trick SQL interpreter so it can no longer distinguish between legitimate commands and the attacker’s commands. The SQL interpreter then executes the commands exploiting the database. This means, the attacker has now access to create, read, change or completely delete critical data, which can mean major vulnerabilities at the database layer. Nearly all organizations are subject to SQL injection attacks, because nearly all of them use SQL.