In accordance with the Open up Web Application Security Project ( OWASP ) , injection attacks are first on the list of the top 10 web vulnerabilities . Diving into these , SQL injections should take care of a large chunk of this . Exploitation of SQL injections is trivial . This weakness is not only web related however could also appear in desktop applications which use SQL server backends . The detectability of such vulnerabilities is dependent upon the complication of the application in question .