Vulnerability: SQL query built from user-controlled sources / alert number: 15

Building a SQL or Java Persistence query from user-controlled sources is vulnerable to insertion of malicious code by the user.

Helpful references

PHP SQL Injection Page - A detailed page on SQL injection in the online PHP manual.
OWASP SQL Injection Prevention Cheat Sheet - This article is focused on providing clear, simple, actionable guidance for preventing SQL Injection flaws in your applications.
OWASP SQL Injection - OWASP community page with comprehensive information about SQL injection, and links to various OWASP resources to help detect or prevent it.
OWASP Query Parameterization Cheat Sheet - A derivative work of the OWASP SQL Injection Prevention Cheat Sheet focused on SQL query parameterization.
Preventing SQL Injection Attacks With Python - A tutorial on crafting parameterized queries, SQL composition and safe query execution in Python.

Building a SQL query from user-controlled sources is vulnerable to insertion of malicious SQL code by the user.

Helpful references

PHP SQL Injection Page - A detailed page on SQL injection in the online PHP manual.
OWASP SQL Injection Prevention Cheat Sheet - This article is focused on providing clear, simple, actionable guidance for preventing SQL Injection flaws in your applications.
OWASP SQL Injection - OWASP community page with comprehensive information about SQL injection, and links to various OWASP resources to help detect or prevent it.
OWASP Query Parameterization Cheat Sheet - A derivative work of the OWASP SQL Injection Prevention Cheat Sheet focused on SQL query parameterization.
Preventing SQL Injection Attacks With Python - A tutorial on crafting parameterized queries, SQL composition and safe query execution in Python.

Karthiktests / demo-csharp