SQL injection (SQLi) is a type of attack in which a hacker can take advantage of the insecure SQL query a web application makes to a database server (such as MySQL, Microsoft SQL Server and Oracle). It exploits weaknesses in a web application that are usually the result of poor development practices or mistakes. SQL injections are among the oldest, most prevalent and dangerous web application vulnerabilities. Since SQL injections affect web applications that make use of an SQL database, virtually every type of web application needs to pay attention to it. By abusing an SQL injection vulnerability, an attacker may be able to bypass a web application’s authentication and authorization mechanisms, retrieve the contents of an entire database, and even add, modify and delete records in that database, impacting its data integrity.