Most information systems and business applications built nowadays have a web frontend. These web applications can be accessed from anywhere and it become so widely exposed, any existing security vulnerability will most probably be uncovered and exploited by hackers. Two of the most widely spread and critical web application vulnerabilities are SQL Injection and XSS. SQLi and XSS allow attackers to access unauthorized data gain access to privileged database accounts. The data may contain credit card numbers, account numbers, social security numbers, user names, passwords, email accounts, etc. These goods have a huge demand in the underground economy, which indicate that they have a higher cost or benefit ratio compared to other types of attacks. The proposed system developed with the security level very much enhanced from its actual level. The DBA cannot view the user details in its original form. The hacker cannot enter the user login by using the tricky queries, cannot run the inbuilt function.