ABDALLA MOHAMED, ISLAM2016-05-222016-05-222015-10-01http://hdl.handle.net/123456789/2826SQL injection attacks are a serious security threat to Web applications. They allow attackers to obtain the data stored in the database. To address this problem, i present anextensive review of the various types of SQL injection attacks known to date. For each type of attack, i provide descriptions of how attacks of that type could be performed and present a methodology to prevent SQL injection attacks. I also created a program to scan any website for SQL injection Vulnerability even if it the website use filtration to prevent SQL injection.Web ApplicationPHPStructured Query Language Injection