ABSTRACT

An injection is an exploitation of an inherent weakness present in code. An attacker can either explicitly inject malicious code into the system, or (s)he can introduce junk characters as input data to force a program to deviate from its normal course of execution. Injection attacks can be easily identified by observing the behaviour of an application for a common set of inputs. This chapter discusses the not-so-good coding practices which raise serious vulnerability issues, exposing the deployed product to several types of attacks. Besides discussing the disastrous consequences of these attacks, the current chapter also familiarizes the reader with ways to overcome possible weak points of an application.