It's understandable that newly discovered application vulnerabilities get a lot of hype and attention. But it's the most common vulnerabilities we should really be worried about. One of the main culprits in data breaches, including some of the most high-profile attacks of recent years, is SQL injection.
According to Veracode research, SQL injection ranks among the 10 most common vulnerabilities — approximately one-third of applications have at least one SQL injection vulnerability. Fortunately, SQL injection vulnerabilities are eminently preventable. The SQL injection infographic below gives a simple explanation of how SQL injection works, along with some examples of recent attacks, and sample code with a SQL injection vulnerability. Most importantly, the infographic offers advice for developers and security professionals on how to prevent SQL injection flaws.
You can download the infographic PDF as a reference. And for more information about common vulnerability types, including SQL injection, browse the Veracode web application vulnerabilities knowledgebase.