5 Dangerous Web Application Flaws Coveted By Attackers

SQL Injection Rising

SQL injection is a favorite vulnerability of attackers because automated scripts can be used to get a website to send a malicious SQL command to the underlying database in an effort to get it to expose its content. Cenzic said that while all other classes of vulnerabilities saw declines in 2012, SQL injection has risen, but the firm said it could be due to improvements of detection tools more than from new deficiencies in security practices. SQL injection accounted for 16 percent of all Web applications Cenzic tested in 2012.

Get a roundup of CRN's security coverage right to your inbox with the Security Advisor newsletter.