32% of all Web applications are vulnerable to SQL injections
SQL injections are the ugly step-brother of DDoS attacks: maybe not as glamorous, but many times more effective.
Unlike DDoS attacks, which can be carried out regardless of the client's server architecture, SQL injection attacks rely on the presence of a flaw in the target's software or on the use of bad coding practices.
SQL injections usually end up granting an attacker read access to a database, exposing information, or, even worse, giving them write access or full control over the data, which can later be held for ransom.
In the past, companies like Yahoo!, Bell Canada, Kaspersky Lab, The Pirate Bay, the MySQL website, Barracuda Networks and many smaller government services and universities have fallen victim to this kind of attack.