Increased usage of web applications in recent years has emphasized the need to achieve confidentiality, integrity and availability of web applications. Web applications are used by the organizations to provide services like online banking, online shopping, social networking, etc. So people expect these applications to be secure and reliable when they are paying bills, shopping online, making transactions, etc. These web applications consist of underlying databases containing confidential user's information like financial information records, medical information records, personal information records which are highly sensitive and valuable, which in turn makes web applications as an ideal target for external attacks such as Structured Query Language (SQL) Injection. In fact, SQL Injection is categorized as the top-10 2010 web application vulnerabilities experienced by web applications according to OWASP (Open Web Application Security Project) . There is an emerging need to handle such attacks to secure the stored information.