SQL injection is one of the most common attacks against businesses, with a high rate of success. The effects are potentially horrible, since it might destroy your database or give the attacker access to parts of the database that you do not want publicly known. Attackers could be after personally identifiable information of your customers or the list of your suppliers. An attacker can squeeze in his own strings of code to exploit a security vulnerability in an application, such as when user input is incorrectly filtered for string literal escape.”]