Now day’s online transaction is done by most of web applications. These applications have vulnerabilities which make its security weak. Every application has provided authentication and authorization functionality, security remains an issues. SQL injection is a technique which gives access to backend database without valid credentials. SQL injection technique has been discovered with new innovative method. This paper presents analysis of various new methodologies of SQL injection, their preventions and its vulnerabilities. We experimented on various methodology of this attack with various applications and analyzed its prevention strategies for programmer of web applications.