SQL Injection Through Web Applications
Web applications and web services are becoming common place. They are often fundamental business tools, critical to the daily operations of the enterprise.
In essence they are client/server applications interacting over HTTP. The client side is typically a web browser, while the server side runs on distributed application servers, connecting to multiple data sources. The end user interacts with the web application, sending back their choices or data. This can range from a simple search through an archive of articles, over a personal information manager keeping track of appointments online, to large business-to-business applications performing real-time sales and inventory management. Web services are the next evolution of web applications."…
PS: I found my paper (2004 update) archived on the Internet Archive’s WayBack Machine! So I thought I added it here again for prosperity… :-)