Web applications are those applications which run in a web browser. These applications are accepted in some data and send it to a database for further processing. There are a number of attacks on web applications like cross site scripting, cross site request forgery, but SQL injection attacks are the most prominent. Number of papers in Literature has been projected ways to avoid SQL injection attacks by examining dynamic SQL query semantics at runtime in the application layer. This paper contains the study of SQLIA and its prevention techniques. SQL injection attacks on web application have become one of the most important information security concerns [Pinzo'n C et al., 2010]. These SQL injection attacks are extremely widespread and pose a serious security threat [Khoury et al., 2011]. In today's world SQL injection is one of the most dangerous security threats in database.