According to one recent study, the top three software security loopholes are mainly due to following reasons: 1. Cross Site Scipting 2. SQL Injection 3. Malicious File Execution SQL Injection In this type of software vulnerability, hackers try to gain the access to the application by injecting SQL code. Below is the simple example : Lets say an application is giving access to the user by asking them to enter user id and password in its login screen. But the application code is written in such a way [Concatenated user input strings] that it gives the access based on checking the below SQL statement in the backend. SELECT FIRST_NAME FROM USERS_TABLE WHERE USER_ID = ‘’’ ||user_id_input ||’’’ and password== ‘’’ ||password_input ||’’’; Lets say users_table in the database is having following data : Users Table Row Number First_Name Last_Name user_Id password 1 Mike Tyson mike trickme Now if Mike enters user id as ‘mike’ and password as ‘trickme’ then h...