SQL-Injections: A wake-up call for developer : A study about a major threat and issue for companies and organizations worldwide

Sammanfattning: Injection attack is the most critical website security risk, and SQL-injection attack is the most reported injection attack on websites. This thesis strives to find an answer of why SQL-injections still remain as one of the most common website vulnerabilities. A questionnaire was conducted where companies and organizations answered several questions about their awareness, experience and knowledge of SQL-injections. After statistical analysis, results was found that indicate that there are many reasons behind SQL-injection vulnerabilities, for example many companies and organizations begins to sanitize input data after the attack, and others don’t know what SQL-injection is. This thesis will also contribute to the general awareness of SQL-injections; a wake-up call for developers, professors, researchers and students that are designing and programming databases and websites.