Abstract: The weakness of the web due to the recent trend of sophistication in cybercrime has awaken the interest of researches in securing web applications. Hence web-based information assets are not secured with increased tendency of hackers to break in. The enhancement in the features of database servers has made most of the web applications use Relational Database Management Systems (RDBMS). Attackers use SQL injection to gain unauthorized access to databases and manipulate all the valuable information stored therein. That has created interfaces that are not free from attack due to the susceptibility of risk attack in the web application called Structured Query Language (SQL) Injection.