SQL: SQL injection is the exploitation of a web app vulnerability. An SQL Injection allows a hacker to access the full content of a back-end database. They can view, steal or manipulate any data. The attacker uses specially crafted input data to trick an SQL interpreter so it can no longer distinguish between legitimate commands and the attacker’s commands. The SQL interpreter then executes the commands exploiting the database. This means, the attacker has now access to create, read, change or completely delete critical data which can mean major vulnerabilities at the database layer. Nearly all organizations are subject to SQL injection attacks because nearly all of them use SQL.