There are so many ways that a black hat hacker can attack a system now that it is hard for even the most experienced of security experts to be able to know about all of them.
So if you are expecting the average programmer to know about every way that a system can be attacked in their code then you will be disappointed.
This is why if you are a programmer you must start to read as much as you can about protecting the web sites that you create.
You can start here by learning about JS injections.
I will tell you what they are and how you can avoid them from happening to you.
What Is A JS Injection Attack?
When you create a form you usually create some form of text box and a submit button.
When the submit button is hit, the data that is in the text box goes to a page, that usually has server side code in it, and it is processed on the server.
If the attacker is able to place code on there that will execute on the server then they can make it do things that it was not supposed to do.
So with a JS injection worm the code is processed on the page and a Worm is activated.
A Worm is a certain kind of malware that propagates itself from server to server.
The injection could be a Worm attack but it could also be, as I said before, an SQL attack which would do something bad to the database that you have on the system.
How Do You Stop This Type Of Attack On Your Server?
If you want to be sure that this does not happen to you then you should make sure that all of the places that you have a user input data are properly sanitized.
You must make sure that you protect the input forms from both client side and server side attacks.
If you close one and not the other then you still leave yourself open to attack.
It is easier to protect yourself from both types of attacks in the beginning.
Make sure that when you create a form on a web page that you follow security procedures.
If not then your web site can come under attack as well.