Various organizations tend towards to establish websites, which use databases in order to store, recall, update etc., for specific information. This database can create by using Structure Query Language (SQL). SQL is defined as a query or interpreted language, which depends on using statements via SQL, developing and managing for web database such as incorporate user-supplied data. Moreover, information that store in the database could be high value of:
• Financial secret information such as transactions in banks, users accounts, companies statics
• Private information of some kind information system like patients information in the hospitals, students records in the universities
• Classified data that are related to national security of a country
Besides, the main risk that can find in establishing database is security. This means constructing database that characterizes with unsafe manner, therefore; there is a possible to find a vulnerable in web application, which knows SQL Injection Attack (SQLIA). To illustrate that, if user supplied data is not properly validated, then user can modify a malicious SQL statements and can execute arbitrary code on the target machine or modify the contents of database.
One of the reasons for SQLIA is that websites have databases, which include important, personal, secret information. This reason is driven attackers to penetrate these websites. Thus, these website will be determined target from SQLIA. Hence, SQLIA is very serious issue depending on the platform where the attack is launched and it gets success in injection rogue users to the target system. Therefore, any unauthorized access to these databases can lead to cause significant threat. This risk can be lead to effect into: Confidentiality, Integrity, Authentication, and Authorization impact.
II. WHY NEED TO STUDY SQL?