SQL Injection

SQL injection (SQLi) is my favorite vulnerability, and it's the most dangerous one that you will encounter in your career. An SQL injection vulnerability allows a malicious user to execute SQL commands on the database through the web browser. The cause of this problem is like that of any other web vulnerability: the developer forgot to add any validation on the server side to protect against SQLi attacks.

Here's the most interesting part; an SQLi vulnerability will allow you to do the following:

  • Query the database using a select statement (for example, select the users table, thereby extracting the usernames and passwords)
  • Bypass the login page by making the login query return a successful result (you'll see an example soon)
  • Execute system commands in the database in order to compromise the web server
  • Execute insert/delete commands to manipulate the records in the database

It's time to see some action, folks! You will be shocked to see how powerful this vulnerability can be against a system.
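
The login bypass listed above comes from building the query by string concatenation, so the missing server-side handling is the root cause. The following added example (not from the book; the table, column and function names and the sample data are assumptions) shows the vulnerable login check beside a parameterized one, using Python's built-in sqlite3 module.

```python
import sqlite3


def make_db():
    # Constructed in-memory sample data. The password is stored in plain text
    # only to keep the example short; real systems store a salted hash.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (username TEXT PRIMARY KEY, password TEXT)")
    db.execute("INSERT INTO users VALUES ('admin', 's3cret-sample')")
    return db


def login_vulnerable(db, username, password):
    # User input is concatenated into the SQL text, so a quote character in
    # the input ends the string literal and changes the query's structure.
    sql = ("SELECT username FROM users WHERE username = '" + username +
           "' AND password = '" + password + "'")
    return db.execute(sql).fetchone() is not None


def login_parameterized(db, username, password):
    # Placeholders send the input as bound values. The query structure is
    # fixed, and quotes in the input are compared as ordinary characters.
    sql = "SELECT username FROM users WHERE username = ? AND password = ?"
    return db.execute(sql, (username, password)).fetchone() is not None


if __name__ == "__main__":
    db = make_db()
    crafted = "' OR '1'='1"  # constructed input containing SQL syntax
    for check in (login_vulnerable, login_parameterized):
        print(check.__name__,
              "correct password:", check(db, "admin", "s3cret-sample"),
              "| wrong password:", check(db, "admin", "wrong"),
              "| crafted input:", check(db, "admin", crafted))
```

With the concatenated query, the crafted value turns the WHERE clause into a condition that is true for every row, so the check succeeds without the password; the parameterized query treats the same value as a literal password and rejects it.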
