People like novelty, and why not? The same old stuff gets boring. In the security world, it's understandable that newly discovered application vulnerabilities get a lot of attention. But it's the most common vulnerabilities we should really be worried about. One of the main culprits in data breaches, including some of the most high-profile attacks of the past year, is SQL injection.
According to Veracode research, SQL injection ranks among the 10 most common vulnerabilities — approximately one-third of applications have at least one SQL injection vulnerability. Fortunately, SQL injection vulnerabilities are eminently preventable. The SQL injection infographic below gives a simple explanation of how SQL injection works, along with some examples of recent attacks, and sample code with a SQL injection vulnerability. Most importantly, the infographic offers advice for developers and security professionals on how to prevent SQL injection flaws.
You can download the infographic PDF as a reference. And for more information about common vulnerability types, including SQL injection, browse the Veracode web application vulnerabilities knowledge base.